hxxps://krnl[.]vip/alysse-executor/

Analysis

max time kernel
449s
max time network
449s
platform
windows10-2004_x64
resource
win10v2004-20240226-en
resource tags

arch:x64arch:x86image:win10v2004-20240226-enlocale:en-usos:windows10-2004-x64system
submitted
08/04/2024, 16:35 UTC

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

https://krnl.vip/alysse-executor/

Score

1^/10

Malware Config

Signatures

Enumerates system info in registry 2 TTPs 3 IoCs

Query Registry

T1012

System Information Discovery

T1082

description	ioc	Process
Key opened	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemProductName	chrome.exe
Key value queried	\REGISTRY\MACHINE\HARDWARE\DESCRIPTION\System\BIOS\SystemManufacturer	chrome.exe

Modifies data under HKEY_USERS 2 IoCs

description	ioc	Process
Key created	\REGISTRY\USER\S-1-5-19\Software\Microsoft\Cryptography\TPM\Telemetry	chrome.exe
Set value (int)	\REGISTRY\USER\S-1-5-19\SOFTWARE\Microsoft\Cryptography\TPM\Telemetry\TraceTimeLast = "133570677560796482"	chrome.exe

Suspicious behavior: EnumeratesProcesses 4 IoCs

pid	Process
2744	chrome.exe
2744	chrome.exe
1936	chrome.exe
1936	chrome.exe

Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary 46 IoCs

pid	Process
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe

Suspicious use of AdjustPrivilegeToken 64 IoCs

description	pid	Process
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe
Token: SeShutdownPrivilege	2744	chrome.exe
Token: SeCreatePagefilePrivilege	2744	chrome.exe

Suspicious use of FindShellTrayWindow 64 IoCs

pid	Process
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe

Suspicious use of SendNotifyMessage 24 IoCs

pid	Process
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe
2744	chrome.exe

Suspicious use of WriteProcessMemory 64 IoCs

description	pid	Process	procid_target
PID 2744 wrote to memory of 3096	2744	chrome.exe	85
PID 2744 wrote to memory of 3096	2744	chrome.exe	85
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 2276	2744	chrome.exe	89
PID 2744 wrote to memory of 1940	2744	chrome.exe	90
PID 2744 wrote to memory of 1940	2744	chrome.exe	90
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91
PID 2744 wrote to memory of 4612	2744	chrome.exe	91

C:\Program Files\Google\Chrome\Application\chrome.exe
"C:\Program Files\Google\Chrome\Application\chrome.exe" --disable-background-networking --disable-component-update --simulate-outdated-no-au='Tue, 31 Dec 2099 23:59:59 GMT' --single-argument https://krnl.vip/alysse-executor/
1⤵
- Enumerates system info in registry
- Modifies data under HKEY_USERS
- Suspicious behavior: EnumeratesProcesses
- Suspicious behavior: NtCreateUserProcessBlockNonMicrosoftBinary
- Suspicious use of AdjustPrivilegeToken
- Suspicious use of FindShellTrayWindow
- Suspicious use of SendNotifyMessage
- Suspicious use of WriteProcessMemory
PID:2744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=crashpad-handler "--user-data-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" /prefetch:7 --monitor-self-annotation=ptype=crashpad-handler "--database=C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad" "--metrics-dir=C:\Users\Admin\AppData\Local\Google\Chrome\User Data" --url=https://clients2.google.com/cr/report --annotation=channel= --annotation=plat=Win64 --annotation=prod=Chrome --annotation=ver=106.0.5249.119 --initial-client-data=0xfc,0x100,0x104,0xa4,0x108,0x7fffdc299758,0x7fffdc299768,0x7fffdc299778
  2⤵
  PID:3096
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --gpu-preferences=UAAAAAAAAADgAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAAAQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=1744 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:2
  2⤵
  PID:2276
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2004 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:8
  2⤵
  PID:1940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=storage.mojom.StorageService --lang=en-US --service-sandbox-type=utility --mojo-platform-channel-handle=2224 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:8
  2⤵
  PID:4612
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --first-renderer-process --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=6 --mojo-platform-channel-handle=2828 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2476
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=5 --mojo-platform-channel-handle=2844 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2296
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=7 --mojo-platform-channel-handle=4612 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:1528
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=8 --mojo-platform-channel-handle=4728 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=9 --mojo-platform-channel-handle=5132 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:3952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=10 --mojo-platform-channel-handle=5328 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.ProcessorMetrics --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6308 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:8
  2⤵
  PID:3936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=6028 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:8
  2⤵
  PID:4804
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=13 --mojo-platform-channel-handle=5584 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2940
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=14 --mojo-platform-channel-handle=6368 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5608
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=15 --mojo-platform-channel-handle=5544 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5736
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=16 --mojo-platform-channel-handle=6568 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5764
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=17 --mojo-platform-channel-handle=6752 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5844
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=18 --mojo-platform-channel-handle=6908 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:6020
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=19 --mojo-platform-channel-handle=7052 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:6112
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=20 --mojo-platform-channel-handle=7156 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5240
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=21 --mojo-platform-channel-handle=7160 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5340
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=22 --mojo-platform-channel-handle=7724 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5460
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=chrome.mojom.UtilWin --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=7948 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:8
  2⤵
  PID:3256
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=24 --mojo-platform-channel-handle=7996 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2452
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=25 --mojo-platform-channel-handle=8288 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5164
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=26 --mojo-platform-channel-handle=7976 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5192
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=27 --mojo-platform-channel-handle=8488 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:1692
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=28 --mojo-platform-channel-handle=8628 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=29 --mojo-platform-channel-handle=8740 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:1284
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=30 --mojo-platform-channel-handle=8884 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5344
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=31 --mojo-platform-channel-handle=8752 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:3540
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=32 --mojo-platform-channel-handle=9044 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5952
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=33 --mojo-platform-channel-handle=9188 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2456
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=34 --mojo-platform-channel-handle=9032 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:4500
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=35 --mojo-platform-channel-handle=8012 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:3492
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=36 --mojo-platform-channel-handle=8744 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5400
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=37 --mojo-platform-channel-handle=8908 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5584
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=38 --mojo-platform-channel-handle=7068 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=39 --mojo-platform-channel-handle=8608 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:3660
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=40 --mojo-platform-channel-handle=7560 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2304
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=41 --mojo-platform-channel-handle=8784 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:1744
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=42 --mojo-platform-channel-handle=5908 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:3504
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=43 --mojo-platform-channel-handle=8008 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:1496
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=44 --mojo-platform-channel-handle=8928 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2368
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=45 --mojo-platform-channel-handle=7908 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5100
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=quarantine.mojom.Quarantine --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=9192 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:8
  2⤵
  PID:1280
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=47 --mojo-platform-channel-handle=4740 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:532
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=48 --mojo-platform-channel-handle=9192 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5800
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=49 --mojo-platform-channel-handle=7508 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5784
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=50 --mojo-platform-channel-handle=8736 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:4488
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=51 --mojo-platform-channel-handle=8984 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:1052
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=gpu-process --disable-gpu-sandbox --use-gl=disabled --gpu-vendor-id=4318 --gpu-device-id=140 --gpu-sub-system-id=0 --gpu-revision=0 --gpu-driver-version=10.0.19041.546 --gpu-preferences=UAAAAAAAAADoAAAYAAAAAAAAAAAAAAAAAABgAAAAAAAwAAAAAAAAAAAAAACQAAAAAAAAAAAAAAAAAAAAAAAAAEgAAAAAAAAASAAAAAAAAAAYAAAAAgAAABAAAAAAAAAAGAAAAAAAAAAQAAAAAAAAAAAAAAAOAAAAEAAAAAAAAAABAAAADgAAAAgAAAAAAAAACAAAAAAAAAA= --mojo-platform-channel-handle=5128 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:2
  2⤵
  - Suspicious behavior: EnumeratesProcesses
  PID:1936
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=53 --mojo-platform-channel-handle=7768 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:6140
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=54 --mojo-platform-channel-handle=6540 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:5520
- C:\Program Files\Google\Chrome\Application\chrome.exe
  "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=renderer --display-capture-permissions-policy-allowed --lang=en-US --device-scale-factor=1 --num-raster-threads=4 --enable-main-frame-before-activation --renderer-client-id=55 --mojo-platform-channel-handle=7408 --field-trial-handle=1672,i,2531599189942762218,8842511102387186794,131072 /prefetch:1
  2⤵
  PID:2320

C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe
"C:\Program Files\Google\Chrome\Application\106.0.5249.119\elevation_service.exe"
1⤵
PID:4628

Network

DNS

krnl.vip

chrome.exe

Remote address:

8.8.8.8:53

Request

krnl.vip

IN A

Response

krnl.vip

IN A

104.21.46.75

krnl.vip

IN A

172.67.136.103
GET

https://krnl.vip/alysse-executor/

chrome.exe

Remote address:

104.21.46.75:443

Request

GET /alysse-executor/ HTTP/2.0
host: krnl.vip
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:35:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XkjBK00y99a%2FNq7QnMQoLBBY9sU%2BVVdcVzPVIR4xmSlzao1XKEJVhdbXmTl9BdFeL5TiN7qZPxz5Lv5k%2BE6dnXlqxoECV8ESXHcSYMPO7cFANccDvV%2FzujIlQA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8713ac3f9fd423e7-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

28.118.140.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.118.140.52.in-addr.arpa

IN PTR

Response
DNS

74.204.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.204.58.216.in-addr.arpa

IN PTR

Response

74.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f101e100net

74.204.58.216.in-addr.arpa

IN PTR

lhr48s49-in-f10�H

74.204.58.216.in-addr.arpa

IN PTR

lhr25s13-in-f74�H
DNS

75.46.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

75.46.21.104.in-addr.arpa

IN PTR

Response
DNS

172.210.232.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.210.232.199.in-addr.arpa

IN PTR

Response
DNS

110.52.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.52.16.104.in-addr.arpa

IN PTR

Response
DNS

fundingchoicesmessages.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

fundingchoicesmessages.google.com

IN A

Response

fundingchoicesmessages.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

172.217.16.238
GET

https://fundingchoicesmessages.google.com/i/pub-2695670041405697?ers=1

chrome.exe

Remote address:

172.217.16.238:443

Request

GET /i/pub-2695670041405697?ers=1 HTTP/2.0
host: fundingchoicesmessages.google.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://krnl.vip/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://translate.google.com/translate_a/element.js?cb=googFooterTranslate

chrome.exe

Remote address:

172.217.16.238:443

Request

GET /translate_a/element.js?cb=googFooterTranslate HTTP/2.0
host: translate.google.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

googleads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.179.226
DNS

content-autofill.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

content-autofill.googleapis.com

IN A

Response

content-autofill.googleapis.com

IN A

172.217.169.42

content-autofill.googleapis.com

IN A

142.250.179.234

content-autofill.googleapis.com

IN A

142.250.180.10

content-autofill.googleapis.com

IN A

142.250.187.202

content-autofill.googleapis.com

IN A

142.250.187.234

content-autofill.googleapis.com

IN A

142.250.178.10

content-autofill.googleapis.com

IN A

172.217.16.234

content-autofill.googleapis.com

IN A

142.250.200.10

content-autofill.googleapis.com

IN A

142.250.200.42

content-autofill.googleapis.com

IN A

216.58.201.106

content-autofill.googleapis.com

IN A

216.58.204.74

content-autofill.googleapis.com

IN A

216.58.213.10

content-autofill.googleapis.com

IN A

216.58.212.234
GET

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSJQnyJ_oyUPoqAxIFDTE9lDASBQ2jG53KEgUNg6hbPRIFDW7dSdk=?alt=proto

chrome.exe

Remote address:

172.217.169.42:443

Request

GET /v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSJQnyJ_oyUPoqAxIFDTE9lDASBQ2jG53KEgUNg6hbPRIFDW7dSdk=?alt=proto HTTP/2.0
host: content-autofill.googleapis.com
x-goog-encode-response-if-executable: base64
x-goog-api-key: AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw
x-client-data: CIr7ygE=
sec-fetch-site: none
sec-fetch-mode: no-cors
sec-fetch-dest: empty
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&adk=1812271804&adf=3025194257&lmt=1712594150&plaf=7%3A2&plat=1%3A1024%2C2%3A1024%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150333&bpp=4&bdt=708&idt=318&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6756936210439&frm=20&pv=2&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=334

chrome.exe

Remote address:

142.250.179.226:443

Request

GET /pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&adk=1812271804&adf=3025194257&lmt=1712594150&plaf=7%3A2&plat=1%3A1024%2C2%3A1024%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150333&bpp=4&bdt=708&idt=318&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6756936210439&frm=20&pv=2&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=334 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://krnl.vip/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&h=280&slotname=5157755194&adk=1665831196&adf=1231571052&pi=t.ma~as.5157755194&w=730&fwrn=4&fwrnh=100&lmt=1712594150&rafmt=1&format=730x280&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150337&bpp=3&bdt=712&idt=343&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6756936210439&frm=20&pv=1&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=267&ady=352&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=348

chrome.exe

Remote address:

142.250.179.226:443

Request

GET /pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&h=280&slotname=5157755194&adk=1665831196&adf=1231571052&pi=t.ma~as.5157755194&w=730&fwrn=4&fwrnh=100&lmt=1712594150&rafmt=1&format=730x280&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150337&bpp=3&bdt=712&idt=343&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6756936210439&frm=20&pv=1&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=267&ady=352&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=348 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://krnl.vip/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&h=250&slotname=9643795113&adk=1139357090&adf=72309546&pi=t.ma~as.9643795113&w=300&lmt=1712594150&format=300x250&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150340&bpp=2&bdt=715&idt=383&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6756936210439&frm=20&pv=1&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=482&ady=929&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=403

chrome.exe

Remote address:

142.250.179.226:443

Request

GET /pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&h=250&slotname=9643795113&adk=1139357090&adf=72309546&pi=t.ma~as.9643795113&w=300&lmt=1712594150&format=300x250&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150340&bpp=2&bdt=715&idt=383&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6756936210439&frm=20&pv=1&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=482&ady=929&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=403 HTTP/2.0
host: googleads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://krnl.vip/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

34.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

34.200.250.142.in-addr.arpa

IN PTR

Response

34.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f21e100net
DNS

238.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.16.217.172.in-addr.arpa

IN PTR

Response

238.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f141e100net

238.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f14�I
DNS

226.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.179.250.142.in-addr.arpa

IN PTR

Response

226.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f21e100net
DNS

42.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

42.169.217.172.in-addr.arpa

IN PTR

Response

42.169.217.172.in-addr.arpa

IN PTR

lhr48s08-in-f101e100net
DNS

tpc.googlesyndication.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tpc.googlesyndication.com

IN A

Response

tpc.googlesyndication.com

IN A

142.250.200.33
GET

https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/client/qs_click_protection_fy2021.js

chrome.exe

Remote address:

142.250.200.33:443

Request

GET /pagead/js/r20240403/r20110914/client/qs_click_protection_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/simgad/14719202300581606184/14763004658117789537?w=100&h=100&tw=1&q=75

chrome.exe

Remote address:

142.250.200.33:443

Request

GET /simgad/14719202300581606184/14763004658117789537?w=100&h=100&tw=1&q=75 HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/simgad/15098960672202684288/14763004658117789537?w=400&h=209&tw=1&q=75

chrome.exe

Remote address:

142.250.200.33:443

Request

GET /simgad/15098960672202684288/14763004658117789537?w=400&h=209&tw=1&q=75 HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/client/load_preloaded_resource_fy2021.js

chrome.exe

Remote address:

142.250.200.33:443

Request

GET /pagead/js/r20240403/r20110914/client/load_preloaded_resource_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/abg_lite_fy2021.js

chrome.exe

Remote address:

142.250.200.33:443

Request

GET /pagead/js/r20240403/r20110914/abg_lite_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/client/window_focus_fy2021.js

chrome.exe

Remote address:

142.250.200.33:443

Request

GET /pagead/js/r20240403/r20110914/client/window_focus_fy2021.js HTTP/2.0
host: tpc.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

232.168.11.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

232.168.11.51.in-addr.arpa

IN PTR

Response
DNS

10.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.178.250.142.in-addr.arpa

IN PTR

Response

10.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f101e100net
DNS

33.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.200.250.142.in-addr.arpa

IN PTR

Response

33.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f11e100net
DNS

3.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.180.250.142.in-addr.arpa

IN PTR

Response

3.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f31e100net
DNS

3.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.169.217.172.in-addr.arpa

IN PTR

Response

3.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f31e100net
DNS

cm.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

cm.g.doubleclick.net

IN A

Response

cm.g.doubleclick.net

IN A

216.58.213.2
DNS

agen-assets.ftstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

agen-assets.ftstatic.com

IN A

Response

agen-assets.ftstatic.com

IN CNAME

d1dvhck2p605dz.cloudfront.net

d1dvhck2p605dz.cloudfront.net

IN A

18.154.63.76

d1dvhck2p605dz.cloudfront.net

IN A

18.154.63.95

d1dvhck2p605dz.cloudfront.net

IN A

18.154.63.119

d1dvhck2p605dz.cloudfront.net

IN A

18.154.63.120
DNS

dsum-sec.casalemedia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

dsum-sec.casalemedia.com

IN A

Response

dsum-sec.casalemedia.com

IN A

104.18.36.155

dsum-sec.casalemedia.com

IN A

172.64.151.101
DNS

ib.adnxs.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ib.adnxs.com

IN A

Response

ib.adnxs.com

IN CNAME

g.geo.appnexusgslb.net

g.geo.appnexusgslb.net

IN CNAME

ib.anycast.adnxs.com

ib.anycast.adnxs.com

IN A

37.252.171.85

ib.anycast.adnxs.com

IN A

37.252.171.52

ib.anycast.adnxs.com

IN A

37.252.173.215

ib.anycast.adnxs.com

IN A

37.252.171.53

ib.anycast.adnxs.com

IN A

37.252.171.149

ib.anycast.adnxs.com

IN A

37.252.172.123

ib.anycast.adnxs.com

IN A

37.252.171.21
GET

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D

chrome.exe

Remote address:

104.18.36.155:443

Request

GET /rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP/2.0
host: dsum-sec.casalemedia.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Mon, 08 Apr 2024 16:35:53 GMT
content-length: 0
location: /rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgdpr%3D0%26google_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&gdpr=0&ixi=0&C=1
cf-ray: 8713ac542a8e94f6-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZhQc6bmqP08AADmqASjyDQAA; Path=/; Domain=casalemedia.com; Expires=Tue, 08 Apr 2025 16:35:53 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=4487; Path=/; Domain=casalemedia.com; Expires=Sun, 07 Jul 2024 16:35:53 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=4487; Path=/; Domain=casalemedia.com; Expires=Sun, 07 Jul 2024 16:35:53 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=LLVFQLHJtPGKRMqUQhcpMdPzfgmzbfDkUpjbZ%2FoCnEFFhyTK9x8M8Feh56FWVQsXg%2BV03dBVAMMHnt8B2LAPJPQ7xwKYhjbx95EnyWouHYIIQ90oUkuMy63bHSOtIhW8Uyf88E1uRne47A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqFcjrb6wILhUHoJGVDL2s&google_cver=1&gdpr=0

chrome.exe

Remote address:

104.18.36.155:443

Request

GET /rum?cm_dsp_id=45&external_user_id=CAESENqFcjrb6wILhUHoJGVDL2s&google_cver=1&gdpr=0 HTTP/2.0
host: dsum-sec.casalemedia.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Mon, 08 Apr 2024 16:35:53 GMT
content-length: 0
location: /rum?cm_dsp_id=45&external_user_id=CAESENqFcjrb6wILhUHoJGVDL2s&google_cver=1&gdpr=0&C=1
cf-ray: 8713ac542a8f94f6-LHR
cf-cache-status: DYNAMIC
cache-control: no-cache
expires: 0
set-cookie: CMID=ZhQc6VVbL2kAAHZzASgiqwAA; Path=/; Domain=casalemedia.com; Expires=Tue, 08 Apr 2025 16:35:53 GMT; Max-Age=31536000; Secure; SameSite=None
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMPS=1834; Path=/; Domain=casalemedia.com; Expires=Sun, 07 Jul 2024 16:35:53 GMT; Max-Age=7776000; Secure; SameSite=None
set-cookie: CMPRO=1834; Path=/; Domain=casalemedia.com; Expires=Sun, 07 Jul 2024 16:35:53 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ESg0xj1XgA4hcx3pMByar1P9uch3R8k1FBjRILaEL7H4zJCP9LiJQhZinK37LXNauby2oiddBM7p6AeJgRtyPmVbde6XiIqy58BQz%2B7oTGZstMeyWFNTOnygKELbiCCAxc20uwxy2SpWxQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400
GET

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0

chrome.exe

Remote address:

216.58.213.2:443

Request

GET /pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0 HTTP/2.0
host: cm.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUn90FsUabAWYjQX7lgrG7b_Q8UkJ9ST1QPasavmV6dUHO_PE5idxK-Z13B95xs
GET

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0

chrome.exe

Remote address:

216.58.213.2:443

Request

GET /pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0 HTTP/2.0
host: cm.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUn90FsUabAWYjQX7lgrG7b_Q8UkJ9ST1QPasavmV6dUHO_PE5idxK-Z13B95xs
DNS

servedby.flashtalking.com

chrome.exe

Remote address:

8.8.8.8:53

Request

servedby.flashtalking.com

IN A

Response

servedby.flashtalking.com

IN CNAME

servedby.flashtalking.com-v1.edgekey.net

servedby.flashtalking.com-v1.edgekey.net

IN CNAME

e4751.b.akamaiedge.net

e4751.b.akamaiedge.net

IN A

104.68.68.28
GET

https://servedby.flashtalking.com/imp/8/225407;7893657;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPDocTypeKeywordsUSDSKBAN300x250/?ftOBA=1&ft_domain=krnl.vip&ft_ifb=1&ft_agentEnv=0&ft_referrer=https://krnl.vip/alysse-executor/&gdpr=0&us_privacy=${US_PRIVACY}&site_url=https://krnl.vip/alysse-executor/&pub_id=1&sup_platform=1&cachebuster=177269.03738313715

chrome.exe

Remote address:

104.68.68.28:443

Request

GET /imp/8/225407;7893657;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPDocTypeKeywordsUSDSKBAN300x250/?ftOBA=1&ft_domain=krnl.vip&ft_ifb=1&ft_agentEnv=0&ft_referrer=https://krnl.vip/alysse-executor/&gdpr=0&us_privacy=${US_PRIVACY}&site_url=https://krnl.vip/alysse-executor/&pub_id=1&sup_platform=1&cachebuster=177269.03738313715 HTTP/1.1
Host: servedby.flashtalking.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript;charset=ISO-8859-1
Server: prod-xre-app13.frk11
Allow-Fenced-Frame-Automatic-Beacons: true
Vary: Accept-Encoding
Content-Encoding: gzip
Expires: Mon, 08 Apr 2024 16:35:53 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 08 Apr 2024 16:35:53 GMT
Content-Length: 949
Connection: keep-alive
Set-Cookie: flashtalkingad1="GUID=5942085F53BE0F";Comment="Flashtalking Cookie";Path=/;Domain=flashtalking.com;Expires=Fri, 09-May-2025 02:35:53 GMT;SameSite=None;Secure
Strict-Transport-Security: max-age=86400
GET

https://servedby.flashtalking.com/state/7893657;4674971;0;401;83A2D5CA-BF33-CD8B-FC8B-B81390609BE7/?ft_data=d9:ea350b55508b4cd982f978a8a41ab306;d9s:ea350b55508b4cd982f978a8a41ab306&cachebuster=422423242

chrome.exe

Remote address:

104.68.68.28:443

Request

GET /state/7893657;4674971;0;401;83A2D5CA-BF33-CD8B-FC8B-B81390609BE7/?ft_data=d9:ea350b55508b4cd982f978a8a41ab306;d9s:ea350b55508b4cd982f978a8a41ab306&cachebuster=422423242 HTTP/1.1
Host: servedby.flashtalking.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: flashtalkingad1="GUID=5942085F53BE0F"; _D9J=8fc3a9430bcb461fb3c9c37ac74b0b09

Response

HTTP/1.1 200 OK

Content-Type: image/gif
Content-Length: 42
Server: prod-xre-app10.frk11
Allow-Fenced-Frame-Automatic-Beacons: true
Expires: Mon, 08 Apr 2024 16:35:55 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Mon, 08 Apr 2024 16:35:55 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
DNS

ajs-assets.ftstatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ajs-assets.ftstatic.com

IN A

Response

ajs-assets.ftstatic.com

IN CNAME

d3f1y6rso5ozvw.cloudfront.net

d3f1y6rso5ozvw.cloudfront.net

IN A

18.173.233.72

d3f1y6rso5ozvw.cloudfront.net

IN A

18.173.233.19

d3f1y6rso5ozvw.cloudfront.net

IN A

18.173.233.87

d3f1y6rso5ozvw.cloudfront.net

IN A

18.173.233.4
GET

https://ajs-assets.ftstatic.com/ftUtils.js

chrome.exe

Remote address:

18.173.233.72:443

Request

GET /ftUtils.js HTTP/2.0
host: ajs-assets.ftstatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 26453
access-control-allow-methods: GET
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age: 3000
last-modified: Mon, 04 Mar 2024 15:53:41 GMT
server: AmazonS3
x-amz-server-side-encryption: AES256
content-encoding: gzip
access-control-allow-origin: *
x-varnish: 886148984 877534046
via: 1.1 varnish (Varnish/5.2), 1.1 9de95acefc7f3768292e6951facd4ecc.cloudfront.net (CloudFront)
accept-ranges: bytes
date: Mon, 08 Apr 2024 15:54:50 GMT
cache-control: max-age=86400
etag: W/"ff56f311f5a69d0213d01af94b111f42"
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
x-amz-cf-pop: DUS51-P3
x-amz-cf-id: TM10BAn4_i9LB9KxFshAQAJjBoDg3zW7SFCrk8jR0a7L5fgN6b2ToQ==
age: 2463
DNS

155.36.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

155.36.18.104.in-addr.arpa

IN PTR

Response
DNS

98.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

98.201.58.216.in-addr.arpa

IN PTR

Response

98.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f21e100net

98.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f2�G

98.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f98�G
DNS

github.githubassets.com

Remote address:

8.8.8.8:53

Request

github.githubassets.com

IN A

Response

github.githubassets.com

IN A

185.199.108.154

github.githubassets.com

IN A

185.199.109.154

github.githubassets.com

IN A

185.199.110.154

github.githubassets.com

IN A

185.199.111.154
DNS

2.213.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.213.58.216.in-addr.arpa

IN PTR

Response

2.213.58.216.in-addr.arpa

IN PTR

lhr25s25-in-f21e100net

2.213.58.216.in-addr.arpa

IN PTR

ber01s14-in-f2�F
DNS

85.171.252.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

85.171.252.37.in-addr.arpa

IN PTR

Response

85.171.252.37.in-addr.arpa

IN PTR

1006bm-nginx-loadbalancermgmtfra1adnexusnet
DNS

102.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

102.201.58.216.in-addr.arpa

IN PTR

Response

102.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f61e100net

102.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f102�H

102.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f6�H
DNS

28.68.68.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

28.68.68.104.in-addr.arpa

IN PTR

Response

28.68.68.104.in-addr.arpa

IN PTR

a104-68-68-28deploystaticakamaitechnologiescom
DNS

matching.truffle.bid

Remote address:

8.8.8.8:53

Request

matching.truffle.bid

IN A

Response

matching.truffle.bid

IN A

162.55.120.196

matching.truffle.bid

IN A

23.88.86.2
DNS

72.233.173.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

72.233.173.18.in-addr.arpa

IN PTR

Response

72.233.173.18.in-addr.arpa

IN PTR

server-18-173-233-72dus51r cloudfrontnet
GET

https://agen-assets.ftstatic.com/display/7893657/4674971.json

chrome.exe

Remote address:

18.154.63.76:443

Request

GET /display/7893657/4674971.json HTTP/2.0
host: agen-assets.ftstatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://googleads.g.doubleclick.net
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
access-control-allow-methods: GET
access-control-expose-headers: Accept-Ranges, Content-Encoding, Content-Length, Content-Range
access-control-max-age: 3000
last-modified: Fri, 05 Apr 2024 22:03:29 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
access-control-allow-origin: *
content-encoding: gzip
x-varnish: 926077273
via: 1.1 varnish (Varnish/5.2), 1.1 77007e8fa31c6833ee40a227e9348a6a.cloudfront.net (CloudFront)
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:35:55 GMT
cache-control: max-age=30
etag: W/"00ad0e15591e452a1f14427866936b37"
vary: Accept-Encoding,Accept-Encoding
x-cache: RefreshHit from cloudfront
x-amz-cf-pop: DUS51-P4
x-amz-cf-id: 9KRd8Pwf9WxH0gcAhsKFzodPt30NG7Djr-HIFLpThPVzB5kYTyFt_Q==
DNS

www.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.4
GET

https://www.google.com/recaptcha/api2/aframe

chrome.exe

Remote address:

142.250.178.4:443

Request

GET /recaptcha/api2/aframe HTTP/2.0
host: www.google.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://krnl.vip/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

8.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.169.217.172.in-addr.arpa

IN PTR

Response

8.169.217.172.in-addr.arpa

IN PTR

lhr25s26-in-f81e100net
DNS

145.160.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

145.160.16.104.in-addr.arpa

IN PTR

Response
DNS

76.63.154.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

76.63.154.18.in-addr.arpa

IN PTR

Response

76.63.154.18.in-addr.arpa

IN PTR

server-18-154-63-76dus51r cloudfrontnet
DNS

4.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.178.250.142.in-addr.arpa

IN PTR

Response

4.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f41e100net
DNS

238.179.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

238.179.250.142.in-addr.arpa

IN PTR

Response

238.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f141e100net
DNS

d9.flashtalking.com

chrome.exe

Remote address:

8.8.8.8:53

Request

d9.flashtalking.com

IN A

Response

d9.flashtalking.com

IN CNAME

ft.device9.com

ft.device9.com

IN CNAME

tag.device9.com

tag.device9.com

IN A

54.75.228.101

tag.device9.com

IN A

54.228.83.32
DNS

cdn.flashtalking.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.flashtalking.com

IN A

Response

cdn.flashtalking.com

IN CNAME

cdn.flashtalking.com.edgekey.net

cdn.flashtalking.com.edgekey.net

IN CNAME

e1486.b.akamaiedge.net

e1486.b.akamaiedge.net

IN A

72.246.172.44
DNS

js.ad-score.com

chrome.exe

Remote address:

8.8.8.8:53

Request

js.ad-score.com

IN A

Response

js.ad-score.com

IN CNAME

d30hfjcp71s79q.cloudfront.net

d30hfjcp71s79q.cloudfront.net

IN A

18.173.233.75

d30hfjcp71s79q.cloudfront.net

IN A

18.173.233.54

d30hfjcp71s79q.cloudfront.net

IN A

18.173.233.38

d30hfjcp71s79q.cloudfront.net

IN A

18.173.233.90
GET

https://js.ad-score.com/score.min.js?pid=1000925&tt=g

chrome.exe

Remote address:

18.173.233.75:443

Request

GET /score.min.js?pid=1000925&tt=g HTTP/1.1
Host: js.ad-score.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers: Cache-Control
Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=86400
Expires: Mon, 08 Apr 2024 18:26:18 GMT
Last-Modified: Sun, 07 Apr 2024 18:26:18 GMT
Date: Sun, 07 Apr 2024 18:26:18 GMT
Content-Encoding: br
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 7270c380adcd801a51b624e5f77df782.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P3
X-Amz-Cf-Id: 80V9LdgBTFOCOsuMFx6GDt-DZIsDPhFnqSqguY6nBNp2qp9VOhwYtA==
Age: 79777
GET

https://js.ad-score.com/nlp-bp.min.js?pid=1000925&tt=g

chrome.exe

Remote address:

18.173.233.75:443

Request

GET /nlp-bp.min.js?pid=1000925&tt=g HTTP/1.1
Host: js.ad-score.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://googleads.g.doubleclick.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: public, max-age=86400
Content-Encoding: gzip
Last-Modified: Sun, 07 Apr 2024 17:34:30 GMT
Date: Sun, 07 Apr 2024 18:26:18 GMT
X-Cache: Hit from cloudfront
Via: 1.1 7270c380adcd801a51b624e5f77df782.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P3
X-Amz-Cf-Id: u2bU6uAEU1gohy0J9mHCCZ7EejpY531wWsOkwbKWrhPcV4ydCrfaSA==
Age: 79777
DNS

stat.flashtalking.com

chrome.exe

Remote address:

8.8.8.8:53

Request

stat.flashtalking.com

IN A

Response

stat.flashtalking.com

IN CNAME

stat.flashtalking.com.edgekey.net

stat.flashtalking.com.edgekey.net

IN CNAME

e1486.b.akamaiedge.net

e1486.b.akamaiedge.net

IN A

72.246.172.44
DNS

ad-events.flashtalking.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ad-events.flashtalking.com

IN A

Response

ad-events.flashtalking.com

IN CNAME

in.ftadsrv.com

in.ftadsrv.com

IN CNAME

in-lhr11.g.ftadsrv.com

in-lhr11.g.ftadsrv.com

IN CNAME

ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com

ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com

IN A

35.178.94.125

ad-interactions-prod-lb-1426714899.eu-west-2.elb.amazonaws.com

IN A

3.9.206.191
DNS

data.ad-score.com

chrome.exe

Remote address:

8.8.8.8:53

Request

data.ad-score.com

IN A

Response

data.ad-score.com

IN A

130.211.115.4
DNS

s0.2mdn.net

chrome.exe

Remote address:

8.8.8.8:53

Request

s0.2mdn.net

IN A

Response

s0.2mdn.net

IN A

172.217.169.70
DNS

code.createjs.com

chrome.exe

Remote address:

8.8.8.8:53

Request

code.createjs.com

IN A

Response

code.createjs.com

IN CNAME

san-download-stls.adobe.com.edgesuite.net

san-download-stls.adobe.com.edgesuite.net

IN CNAME

a1806.dscd.akamai.net

a1806.dscd.akamai.net

IN A

23.73.139.33

a1806.dscd.akamai.net

IN A

23.73.139.65
GET

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js

chrome.exe

Remote address:

172.217.169.70:443

Request

GET /ads/studio/cached_libs/gsap_3.11.5_min.js HTTP/2.0
host: s0.2mdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://cdn.flashtalking.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

101.228.75.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

101.228.75.54.in-addr.arpa

IN PTR

Response

101.228.75.54.in-addr.arpa

IN PTR

ec2-54-75-228-101 eu-west-1compute amazonawscom
DNS

44.172.246.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

44.172.246.72.in-addr.arpa

IN PTR

Response

44.172.246.72.in-addr.arpa

IN PTR

a72-246-172-44deploystaticakamaitechnologiescom
DNS

75.233.173.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

75.233.173.18.in-addr.arpa

IN PTR

Response

75.233.173.18.in-addr.arpa

IN PTR

server-18-173-233-75dus51r cloudfrontnet
DNS

70.169.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

70.169.217.172.in-addr.arpa

IN PTR

Response

70.169.217.172.in-addr.arpa

IN PTR

lhr48s09-in-f61e100net
DNS

125.94.178.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

125.94.178.35.in-addr.arpa

IN PTR

Response

125.94.178.35.in-addr.arpa

IN PTR

ec2-35-178-94-125 eu-west-2compute amazonawscom
DNS

4.115.211.130.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.115.211.130.in-addr.arpa

IN PTR

Response

4.115.211.130.in-addr.arpa

IN PTR

4115211130bcgoogleusercontentcom
DNS

33.139.73.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

33.139.73.23.in-addr.arpa

IN PTR

Response

33.139.73.23.in-addr.arpa

IN PTR

a23-73-139-33deploystaticakamaitechnologiescom
DNS

secure.flashtalking.com

chrome.exe

Remote address:

8.8.8.8:53

Request

secure.flashtalking.com

IN A

Response

secure.flashtalking.com

IN CNAME

secure.flashtalking.com.edgekey.net

secure.flashtalking.com.edgekey.net

IN CNAME

e1486.b.akamaiedge.net

e1486.b.akamaiedge.net

IN A

72.246.172.44
DNS

www.mediafire.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.mediafire.com

IN A

Response

www.mediafire.com

IN A

104.16.114.74

www.mediafire.com

IN A

104.16.113.74
DNS

74.114.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

74.114.16.104.in-addr.arpa

IN PTR

Response
DNS

the.gatekeeperconsent.com

chrome.exe

Remote address:

8.8.8.8:53

Request

the.gatekeeperconsent.com

IN A

Response

the.gatekeeperconsent.com

IN A

172.64.103.2

the.gatekeeperconsent.com

IN A

172.64.102.2
GET

https://the.gatekeeperconsent.com/cmp.min.js

chrome.exe

Remote address:

172.64.103.2:443

Request

GET /cmp.min.js HTTP/2.0
host: the.gatekeeperconsent.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: application/javascript
cache-control: public, max-age=14400
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Mon, 08 Apr 2024 16:27:22 GMT
cf-cache-status: HIT
age: 198
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2BvsmmLBQglnE7nI6wH4qoUq25mtuDAoDCAx21lG7uytmNharyBO%2BMknYNUJmxkDO8796xRat%2FYsyczM%2BPPL8aUuppjOmwlsxP8YCic6NroOvjujMUjC1W2VmTHkqPiyGxuTw5pUcoS%2B59iUO"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8713ac8abac83861-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
DNS

btloader.com

chrome.exe

Remote address:

8.8.8.8:53

Request

btloader.com

IN A

Response

btloader.com

IN A

104.22.74.216

btloader.com

IN A

104.22.75.216

btloader.com

IN A

172.67.41.60
GET

https://btloader.com/tag?o=5678961798414336&upapi=true

chrome.exe

Remote address:

104.22.74.216:443

Request

GET /tag?o=5678961798414336&upapi=true HTTP/2.0
host: btloader.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: application/javascript
content-length: 18207
cache-control: public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
content-encoding: gzip
etag: "30559177163db0dad2a184842b1f63f7"
last-modified: Mon, 08 Apr 2024 16:32:20 GMT
vary: Origin, Accept-Encoding
via: 1.1 google
cf-cache-status: HIT
age: 176
accept-ranges: bytes
server: cloudflare
cf-ray: 8713ac8b398e6614-AMS
DNS

www.ezojs.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.ezojs.com

IN A

Response

www.ezojs.com

IN CNAME

www.ezojs.com.cdn.cloudflare.net

www.ezojs.com.cdn.cloudflare.net

IN A

172.64.129.8

www.ezojs.com.cdn.cloudflare.net

IN A

172.64.128.8
DNS

privacy.gatekeeperconsent.com

chrome.exe

Remote address:

8.8.8.8:53

Request

privacy.gatekeeperconsent.com

IN A

Response

privacy.gatekeeperconsent.com

IN A

172.64.103.2

privacy.gatekeeperconsent.com

IN A

172.64.102.2
DNS

translate.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

translate.google.com

IN A

Response

translate.google.com

IN CNAME

www3.l.google.com

www3.l.google.com

IN A

172.217.16.238
DNS

cdn.amplitude.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.amplitude.com

IN A

Response

cdn.amplitude.com

IN A

18.66.242.6

cdn.amplitude.com

IN A

18.66.242.100

cdn.amplitude.com

IN A

18.66.242.149

cdn.amplitude.com

IN A

18.66.242.40
DNS

static.mediafire.com

chrome.exe

Remote address:

8.8.8.8:53

Request

static.mediafire.com

IN A

Response

static.mediafire.com

IN A

104.16.113.74

static.mediafire.com

IN A

104.16.114.74
GET

https://www.ezojs.com/ezoic/sa.min.js

chrome.exe

Remote address:

172.64.129.8:443

Request

GET /ezoic/sa.min.js HTTP/2.0
host: www.ezojs.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: application/javascript
cache-control: public, max-age=86400
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Sat, 06 Apr 2024 21:12:54 GMT
cf-cache-status: HIT
age: 72939
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=5XU4d0HdXbHO6LD%2F3gu567CR0Zra6yHIjLz79kjK%2BF5vKOf%2Bo%2FyTERI6lNmErlE7Kd4PIHaT80AJ%2FONxyPhtysgCwcrhwf7F6pJ0MTlSaIqQ5UjjzgPEIXrWBFCeVI%2B9"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8713ac8c0f1d77b1-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://privacy.gatekeeperconsent.com/consent_modules.json

chrome.exe

Remote address:

172.64.103.2:443

Request

GET /consent_modules.json HTTP/2.0
host: privacy.gatekeeperconsent.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: application/json;charset=UTF-8
access-control-allow-origin: *
cache-control: max-age=15780000, public
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=crhyT0zLcQy30m9MplO5%2Fi%2FB6zwb%2BobYwCsB4VtE8TTxCAkO2qmv1Er4szGZ1UT5FR0JvPwRa%2BaFd6ZIoPpFJdR0hHW%2Bo1dzGStgBEe%2BTx%2B%2FtjOTMNfhzszKjS07psOF2AGOMXi5PcWkN6slasHmHg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8713ac8c0dfe889e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://the.gatekeeperconsent.com/v2/config.json?domain=www.mediafire.com&changeLogId=0&cb=0

chrome.exe

Remote address:

172.64.103.2:443

Request

GET /v2/config.json?domain=www.mediafire.com&changeLogId=0&cb=0 HTTP/2.0
host: the.gatekeeperconsent.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:03 GMT
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=3600, public
content-security-policy: default-src 'none'
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: deny
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Sx%2Fw3i5QRSgtLgmSCHxkv2CKG5Ii6oEQvKCAb%2F%2FvOoKrXYYqTIa43Xfvt6iQGcPc%2FkpetXcftSS7iUW7t1zky2t1OaXmQb2mko1VmA7%2FCg17DrKH2DVEHDatXyB0LEtHY7fiRQOsvhkCy0YC"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8713ac901ac8889e-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

chrome.exe

Remote address:

18.66.242.6:443

Request

GET /libs/amplitude-8.5.0-min.gz.js HTTP/2.0
host: cdn.amplitude.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://www.mediafire.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/javascript
content-length: 22154
date: Mon, 15 Jan 2024 23:19:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Fri, 13 Aug 2021 22:37:42 GMT
etag: "660c3b546f2a131de50b69b91f26c636"
x-amz-server-side-encryption: AES256
cache-control: max-age=31536000
content-encoding: gzip
x-amz-version-id: NY8_7uBz3xoXYJBVsMSBAGHOz8ixMBS3
accept-ranges: bytes
server: AmazonS3
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
x-cache: Hit from cloudfront
via: 1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: GWdvex4ZrMfoQgxuzS3NO-9gHUNmWJzyq6yU2uEafV8slVOC2WjdQw==
age: 7233385
DNS

cdn.otnolatrnup.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.otnolatrnup.com

IN A

Response

cdn.otnolatrnup.com

IN A

104.16.52.110

cdn.otnolatrnup.com

IN A

104.16.53.110
DNS

www.mediafiredls.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.mediafiredls.com

IN A

Response

www.mediafiredls.com

IN A

172.67.73.78

www.mediafiredls.com

IN A

104.26.3.173

www.mediafiredls.com

IN A

104.26.2.173
DNS

static.cloudflareinsights.com

chrome.exe

Remote address:

8.8.8.8:53

Request

static.cloudflareinsights.com

IN A

Response

static.cloudflareinsights.com

IN A

104.16.80.73

static.cloudflareinsights.com

IN A

104.16.79.73
GET

https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

chrome.exe

Remote address:

104.16.52.110:443

Request

GET /Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0 HTTP/2.0
host: cdn.otnolatrnup.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: application/x-javascript; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: public, no-transform, max-age=900
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
last-modified: Mon, 08 Apr 2024 16:31:02 GMT
cf-cache-status: HIT
age: 146
server: cloudflare
cf-ray: 8713ac8ddba98895-LHR
alt-svc: h3=":443"; ma=86400
GET

https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=77734&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=609&res=1280x720&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone

chrome.exe

Remote address:

104.16.52.110:443

Request

GET /Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=77734&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=609&res=1280x720&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone HTTP/2.0
host: otnolatrnup.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:03 GMT
content-type: application/json; charset=utf-8
accept-ch: Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Platform,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version
vary: Accept-Encoding
cache-control: private, no-transform
content-encoding: gzip
p3p: CP="CAO PSA OUR IND"
access-control-allow-origin: *
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: __INF_CC=; expires=Fri, 29-Mar-2024 16:36:03 GMT; path=/
set-cookie: INF_DFL8=false; path=/; SameSite=None; secure
set-cookie: IUID=a11d5849-daec-4a84-a7ae-2b0fca178a68; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure
set-cookie: ISSH=728220; path=/; SameSite=None; secure
set-cookie: VMI=; path=/; SameSite=None; secure
set-cookie: CHN=#[]; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSSH=#{}; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: MSRH=#{}; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILP={"Profile":{"Audiences":{"Audience":[],"ThirdPartyAudience":[]}},"CreatedDate":"2024-04-08T16:36:03.3176106Z"}; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure
set-cookie: ILPLU=#4/8/2024 4:36:03 PM; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILEALC=#4/8/2024 4:36:03 PM; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ILMPF=#True; expires=Mon, 08-Apr-2024 20:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMPLU=#1/1/0001 12:00:00 AM; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IPMUID=#; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: BSWUID=#; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: IKSR={}; path=/; SameSite=None; secure
set-cookie: IBL=#[]; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure
set-cookie: ISH=#{"101":[{"SId":"728220","D":"24/4/8T9:36:3"}]}; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
set-cookie: ISH_Q=#[101]; expires=Sat, 08-Apr-2034 16:36:03 GMT; path=/; SameSite=None; secure; HttpOnly
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8713ac902e5d8895-LHR
alt-svc: h3=":443"; ma=86400
GET

https://www.mediafiredls.com/adsupply/

chrome.exe

Remote address:

172.67.73.78:443

Request

GET /adsupply/ HTTP/2.0
host: www.mediafiredls.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Mon, 08 Apr 2024 16:36:17 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=NelvAMnd%2BjpbY%2FH2geiTXhWhDnSauulBprkx6wp3D1KYuS%2BZ3eyPtDz5LM1BRRxpU%2BrBk4xlf3JyoLImIIN1ne5SISNpYIF6Dokb0GU3FPF6Ks2epq1QKEMMy9oXXg6WxQ1fb85t"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8713ac8ddc293690-LHR
content-encoding: br
GET

https://www.mediafiredls.com/adsupply/

chrome.exe

Remote address:

172.67.73.78:443

Request

GET /adsupply/ HTTP/2.0
host: www.mediafiredls.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 403

date: Mon, 08 Apr 2024 16:36:08 GMT
content-type: text/html; charset=UTF-8
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: max-age=15
expires: Mon, 08 Apr 2024 16:36:23 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TlWfxE%2BZckYQ9BWQsM4RBUK%2FYX9OgQiqD01YfZAHUVooVUFgK3Zxw09bLvirxWWqGQg2swhpgpp6sQ1VTOkP2CtozFq7UriTa3OXFMvtBPf0uudLjRnn2lgUwIndZdqJRLneblnF"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8713acb1ec413690-LHR
content-encoding: br
GET

https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

chrome.exe

Remote address:

104.16.80.73:443

Request

GET /beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317 HTTP/2.0
host: static.cloudflareinsights.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://www.mediafire.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
etag: W/"2023.10.0"
last-modified: Tue, 10 Oct 2023 21:38:13 GMT
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
server: cloudflare
cf-ray: 8713ac8e1de78885-LHR
content-encoding: gzip
DNS

api.btloader.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.btloader.com

IN A

Response

api.btloader.com

IN A

130.211.23.194
DNS

ad-delivery.net

chrome.exe

Remote address:

8.8.8.8:53

Request

ad-delivery.net

IN A

Response

ad-delivery.net

IN A

104.26.3.70

ad-delivery.net

IN A

172.67.69.19

ad-delivery.net

IN A

104.26.2.70
DNS

translate.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

translate.googleapis.com

IN A

Response

translate.googleapis.com

IN A

216.58.204.74
GET

https://api.btloader.com/mw/state?bt_env=prod

chrome.exe

Remote address:

130.211.23.194:443

Request

GET /mw/state?bt_env=prod HTTP/2.0
host: api.btloader.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ad-delivery.net/px.gif?ch=2

chrome.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=2 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPolhcjM0jeawO2c-CUa7LsQsE9JcoUeUL5NTsqhpkpQzElmT-DsSfJegi6E4brT_zwW3w
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 09 Apr 2024 16:36:02 GMT
cache-control: public, max-age=86400
age: 448089
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ckpSpPjg1msCUR2INIW9mD6FAlj8V6KeynPruMp8r8J5dK8lOFVRUb60iQrAxDN6EDZBRUl12KF8pAE389w9clhSPLgdejk9p1SYEbJXXnqQ1BvOyYnf2byvSe04iFQEsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8713ac8e79de769e-LHR
GET

https://ad-delivery.net/px.gif?ch=1&e=0.12405474589538112

chrome.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=1&e=0.12405474589538112 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:02 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPolhcjM0jeawO2c-CUa7LsQsE9JcoUeUL5NTsqhpkpQzElmT-DsSfJegi6E4brT_zwW3w
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 09 Apr 2024 16:36:02 GMT
cache-control: public, max-age=86400
age: 448089
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=lz%2BUX96DUd7MpRrIO7Hh6Pwa2%2FujIZ4X06rOf8llOgEcLgVp7c3vBPVeLvXawMBJ7CCj9fV%2BK6H9kMhxWPE8x7b6mtJ1tGN6hPBD53LI7iuVK%2FpLK1jyJCKl0n2ZJwgUOw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8713ac8e79df769e-LHR
GET

https://ad-delivery.net/px.gif?ch=1&e=0.4580394173535045

chrome.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=1&e=0.4580394173535045 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:08 GMT
content-type: image/gif
content-length: 43
x-guploader-uploadid: ABPtcPolhcjM0jeawO2c-CUa7LsQsE9JcoUeUL5NTsqhpkpQzElmT-DsSfJegi6E4brT_zwW3w
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 09 Apr 2024 16:36:08 GMT
cache-control: public, max-age=86400
age: 448082
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZFHJO%2BleA7CsQVmGziCvP%2BkVesFOA%2FpHSxv2geozuTcjMIIfrAe0tRKYFRKG99uZqJcFnitFQBdKyR9B89j%2BH8WSY6sz6b4bD%2BExRnHHTj5QmylK6TcWQ7sXPN84%2FV9Wlw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8713acb23c5a769e-LHR
GET

https://ad-delivery.net/px.gif?ch=2

chrome.exe

Remote address:

104.26.3.70:443

Request

GET /px.gif?ch=2 HTTP/2.0
host: ad-delivery.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
if-none-match: "ad4b0f606e0f8465bc4c4c170b37e1a3"
if-modified-since: Wed, 05 May 2021 19:25:32 GMT

Response

HTTP/2.0 304

date: Mon, 08 Apr 2024 16:36:08 GMT
x-guploader-uploadid: ABPtcPolhcjM0jeawO2c-CUa7LsQsE9JcoUeUL5NTsqhpkpQzElmT-DsSfJegi6E4brT_zwW3w
x-goog-generation: 1620242732037093
x-goog-metageneration: 5
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43
x-goog-hash: crc32c=cpEfJQ==
x-goog-hash: md5=rUsPYG4PhGW8TEwXCzfhow==
x-goog-storage-class: MULTI_REGIONAL
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Tue, 09 Apr 2024 16:36:08 GMT
cache-control: public, max-age=86400
age: 448082
last-modified: Wed, 05 May 2021 19:25:32 GMT
etag: "ad4b0f606e0f8465bc4c4c170b37e1a3"
cf-cache-status: HIT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gK6qqkHuTKL9tEsnJdsvIw%2F7GxovonvZS%2FaBwbTdN03HRHWtC1PvoktmS0oYxb0PynajsSrM1n3OGMoZZBl4exxq1wkxvUik6N2GFbgS%2BCPVNNbIyLWDCxBpaSdHLX5vhg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 8713acb23c5d769e-LHR
DNS

g.ezoic.net

chrome.exe

Remote address:

8.8.8.8:53

Request

g.ezoic.net

IN A

Response

g.ezoic.net

IN A

35.181.89.222

g.ezoic.net

IN A

13.39.145.251

g.ezoic.net

IN A

15.188.219.54
POST

https://g.ezoic.net/saa.go

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /saa.go HTTP/2.0
host: g.ezoic.net
content-length: 2621
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/javascript
date: Mon, 08 Apr 2024 16:36:03 GMT
expires: Sun, 07 Apr 2024 16:36:03 GMT
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag: noindex
POST

https://g.ezoic.net/detroitchicago/imp.gif?ez_orig=1

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/imp.gif?ez_orig=1 HTTP/2.0
host: g.ezoic.net
content-length: 1257
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-type: image/gif
date: Mon, 08 Apr 2024 16:36:03 GMT
expires: Sun, 07 Apr 2024 16:36:03 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-middleton-display: imp_sol
content-length: 43
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiI3MjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyNC0wNC0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGQ4MDZhMWMtMDYzNi00NzhhLTc5NmUtMTRkNWM3NjI0MTMxIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2MywiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiI3MjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyNC0wNC0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGQ4MDZhMWMtMDYzNi00NzhhLTc5NmUtMTRkNWM3NjI0MTMxIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2MywiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ== HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:04 GMT
expires: Sun, 07 Apr 2024 16:36:04 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI0MDIifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjcwMyJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMzc1In0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjE3NCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjU1OCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxNzYxIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGQ4MDZhMWMtMDYzNi00NzhhLTc5NmUtMTRkNWM3NjI0MTMxIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2MywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjcuOCJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI0MDIifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjcwMyJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMzc1In0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjE3NCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjU1OCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxNzYxIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGQ4MDZhMWMtMDYzNi00NzhhLTc5NmUtMTRkNWM3NjI0MTMxIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2MywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjcuOCJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:04 GMT
expires: Sun, 07 Apr 2024 16:36:04 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiI1MCJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiI1MCJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:04 GMT
expires: Sun, 07 Apr 2024 16:36:04 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoibGNwX3ZhbHVlIiwidmFsIjoiMjc3NC40In1dfV0=

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoibGNwX3ZhbHVlIiwidmFsIjoiMjc3NC40In1dfV0= HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:06 GMT
expires: Sun, 07 Apr 2024 16:36:06 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY2xzX3ZhbHVlIiwidmFsIjoiMCJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY2xzX3ZhbHVlIiwidmFsIjoiMCJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:06 GMT
expires: Sun, 07 Apr 2024 16:36:06 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/saa.go

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /saa.go HTTP/2.0
host: g.ezoic.net
content-length: 3443
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-type: text/javascript
date: Mon, 08 Apr 2024 16:36:08 GMT
expires: Sun, 07 Apr 2024 16:36:08 GMT
server: Apache/2.4.39 (Ubuntu)
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-robots-tag: noindex
POST

https://g.ezoic.net/detroitchicago/imp.gif?ez_orig=1

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/imp.gif?ez_orig=1 HTTP/2.0
host: g.ezoic.net
content-length: 1259
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-methods: HEAD, PUT, POST, GET, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-type: image/gif
date: Mon, 08 Apr 2024 16:36:09 GMT
expires: Sun, 07 Apr 2024 16:36:09 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-middleton-display: imp_sol
content-length: 43
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiI3MjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyNC0wNC0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImxjcF92YWx1ZSIsInZhbCI6IjEzNTQuNSJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiI3MjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyNC0wNC0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImxjcF92YWx1ZSIsInZhbCI6IjEzNTQuNSJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:10 GMT
expires: Sun, 07 Apr 2024 16:36:10 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZmlkX3ZhbHVlIiwidmFsIjoiMTEifV19XQ==

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZmlkX3ZhbHVlIiwidmFsIjoiMTEifV19XQ== HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:09 GMT
expires: Sun, 07 Apr 2024 16:36:09 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjIyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMDEifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjYyIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjIwMCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjQ3NiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMzU3In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNDAxIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI0MDEifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjIyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMDEifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjYyIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjIwMCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjQ3NiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMzU3In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNDAxIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI0MDEifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0= HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:10 GMT
expires: Sun, 07 Apr 2024 16:36:10 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjcuOTUifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiI1MCJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjcuOTUifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiI1MCJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:10 GMT
expires: Sun, 07 Apr 2024 16:36:10 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzEyNTk0MTcxODY1In1dfV0=

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzEyNTk0MTcxODY1In1dfV0= HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:13 GMT
expires: Sun, 07 Apr 2024 16:36:13 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiaW5wX3ZhbHVlIiwidmFsIjoiMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImlucF9mYWlsaW5nX3ZhbHVlIiwidmFsIjoiMjAwIn0seyJuYW1lIjoiaW5wX2ZhaWxpbmdfaWRlbnRpZmllciIsInZhbCI6IiNkb3dubG9hZEJ1dHRvbiJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiaW5wX3ZhbHVlIiwidmFsIjoiMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImlucF9mYWlsaW5nX3ZhbHVlIiwidmFsIjoiMjAwIn0seyJuYW1lIjoiaW5wX2ZhaWxpbmdfaWRlbnRpZmllciIsInZhbCI6IiNkb3dubG9hZEJ1dHRvbiJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:15 GMT
expires: Sun, 07 Apr 2024 16:36:15 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY2xzX3ZhbHVlIiwidmFsIjoiMCJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY2xzX3ZhbHVlIiwidmFsIjoiMCJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:15 GMT
expires: Sun, 07 Apr 2024 16:36:15 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzEyNTk0MTc2MDEwIn1dfV0=

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzEyNTk0MTc2MDEwIn1dfV0= HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:17 GMT
expires: Sun, 07 Apr 2024 16:36:17 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZW5nYWdlZF90aW1lIiwidmFsIjoiNSJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZW5nYWdlZF90aW1lIiwidmFsIjoiNSJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:20 GMT
expires: Sun, 07 Apr 2024 16:36:20 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZW5nYWdlZF90aW1lIiwidmFsIjoiNiJ9XX1d

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZW5nYWdlZF90aW1lIiwidmFsIjoiNiJ9XX1d HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:24 GMT
expires: Sun, 07 Apr 2024 16:36:24 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoicHZfZXZlbnRfY291bnQiLCJ2YWwiOiIxIn0seyJuYW1lIjoidGltZV9vbl9wYWdlX2V2ZW50IiwidmFsIjoiMzAifV19XQ==

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoicHZfZXZlbnRfY291bnQiLCJ2YWwiOiIxIn0seyJuYW1lIjoidGltZV9vbl9wYWdlX2V2ZW50IiwidmFsIjoiMzAifV19XQ== HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:39 GMT
expires: Sun, 07 Apr 2024 16:36:39 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoicHZfZXZlbnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoidGltZV9vbl9wYWdlX2V2ZW50IiwidmFsIjoiNDUifV19XQ==

chrome.exe

Remote address:

35.181.89.222:443

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoicHZfZXZlbnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoidGltZV9vbl9wYWdlX2V2ZW50IiwidmFsIjoiNDUifV19XQ== HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:36:55 GMT
expires: Sun, 07 Apr 2024 16:36:55 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
DNS

216.74.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

216.74.22.104.in-addr.arpa

IN PTR

Response
DNS

2.103.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.103.64.172.in-addr.arpa

IN PTR

Response
DNS

8.129.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.129.64.172.in-addr.arpa

IN PTR

Response
DNS

6.242.66.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.242.66.18.in-addr.arpa

IN PTR

Response

6.242.66.18.in-addr.arpa

IN PTR

server-18-66-242-6dus51r cloudfrontnet
DNS

78.73.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

78.73.67.172.in-addr.arpa

IN PTR

Response
DNS

7.4.157.108.in-addr.arpa

Remote address:

8.8.8.8:53

Request

7.4.157.108.in-addr.arpa

IN PTR

Response

7.4.157.108.in-addr.arpa

IN PTR

server-108-157-4-7dus51r cloudfrontnet
DNS

194.23.211.130.in-addr.arpa

Remote address:

8.8.8.8:53

Request

194.23.211.130.in-addr.arpa

IN PTR

Response

194.23.211.130.in-addr.arpa

IN PTR

19423211130bcgoogleusercontentcom
DNS

70.3.26.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

70.3.26.104.in-addr.arpa

IN PTR

Response
DNS

73.80.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

73.80.16.104.in-addr.arpa

IN PTR

Response
DNS

go.ezodn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

go.ezodn.com

IN A

Response

go.ezodn.com

IN A

172.64.136.15

go.ezodn.com

IN A

172.64.137.15
DNS

securepubads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

securepubads.g.doubleclick.net

IN A

Response

securepubads.g.doubleclick.net

IN CNAME

securepubads46.g.doubleclick.net

securepubads46.g.doubleclick.net

IN A

172.217.16.226
DNS

stats.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

stats.g.doubleclick.net

IN A

Response

stats.g.doubleclick.net

IN A

64.233.166.157

stats.g.doubleclick.net

IN A

64.233.166.155

stats.g.doubleclick.net

IN A

64.233.166.154

stats.g.doubleclick.net

IN A

64.233.166.156
DNS

api.amplitude.com

chrome.exe

Remote address:

8.8.8.8:53

Request

api.amplitude.com

IN A

Response

api.amplitude.com

IN A

52.43.234.188

api.amplitude.com

IN A

52.41.216.34

api.amplitude.com

IN A

54.149.201.207

api.amplitude.com

IN A

52.40.192.103

api.amplitude.com

IN A

35.82.189.55

api.amplitude.com

IN A

52.39.50.194

api.amplitude.com

IN A

52.43.96.19

api.amplitude.com

IN A

44.238.108.251
GET

https://go.ezodn.com/detroitchicago/boise.js?gcb=195-12&cb=5

chrome.exe

Remote address:

172.64.136.15:443

Request

GET /detroitchicago/boise.js?gcb=195-12&cb=5 HTTP/2.0
host: go.ezodn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:03 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Mon, 12 Feb 2024 22:42:17 GMT
cf-cache-status: HIT
age: 4816406
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RE4j19Hvew7e9zXZlvdPuOgFcZzQF4%2FyFd53xDXbra0x9C5thKcKLa%2BpsIzzQtrTP6avN0Y2EIDw3bSsgBQSKQfKofHF5cYdLI46lPcCnNjWQGLsxfQSJioxZBKxxmE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8713ac928db3419d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-12&cb=33

chrome.exe

Remote address:

172.64.136.15:443

Request

GET /parsonsmaize/abilene.js?gcb=195-12&cb=33 HTTP/2.0
host: go.ezodn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:03 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Mon, 12 Feb 2024 22:42:19 GMT
cf-cache-status: HIT
age: 1451585
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8NQCksCCb60R7%2BgiBzm2UyAxA6hqDh1AmgiViEu6FWf3QaiVzNxL%2FYhxakC88RJwRoZK0NgKBFjepy44iLy0CdfBlW2%2Bqnus4q0UARvT75OVEKMbcnbc%2BpwtRCC7lMs%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8713ac928daf419d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://go.ezodn.com/porpoiseant/et.js?gcb=195-12&cb=2

chrome.exe

Remote address:

172.64.136.15:443

Request

GET /porpoiseant/et.js?gcb=195-12&cb=2 HTTP/2.0
host: go.ezodn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:03 GMT
content-type: application/javascript
cache-control: public, max-age=31536000
vary: Accept-Encoding
x-middleton-display: sol-js
x-robots-tag: noindex
last-modified: Thu, 18 Jan 2024 09:49:05 GMT
cf-cache-status: HIT
age: 1463267
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0iKWTohL1aOsCgm%2FEUlQglOz8rsAYmuZwuvpgJEsIbRAFVWltv5mv2h9Lp0NS6ctq0R9LmjdDXsCy6iOOmQzZcq%2Fr5KY%2FIO3BhZoIbJ6t7symPbicYNZuc%2FFzJ%2BPttk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 8713ac928db6419d-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400
GET

https://securepubads.g.doubleclick.net/tag/js/gpt.js

chrome.exe

Remote address:

172.217.16.226:443

Request

GET /tag/js/gpt.js HTTP/2.0
host: securepubads.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUn90FsUabAWYjQX7lgrG7b_Q8UkJ9ST1QPasavmV6dUHO_PE5idxK-Z13B95xs
cookie: ar_debug=1
POST

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-829541-1&cid=1152783976.1712594162&jid=1732191179&gjid=972232376&_gid=57189859.1712594162&_u=YEBAAUAAAAAAACAAI~&z=621751543

chrome.exe

Remote address:

64.233.166.157:443

Request

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-829541-1&cid=1152783976.1712594162&jid=1732191179&gjid=972232376&_gid=57189859.1712594162&_u=YEBAAUAAAAAAACAAI~&z=621751543 HTTP/2.0
host: stats.g.doubleclick.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUn90FsUabAWYjQX7lgrG7b_Q8UkJ9ST1QPasavmV6dUHO_PE5idxK-Z13B95xs
cookie: ar_debug=1
DNS

otnolatrnup.com

chrome.exe

Remote address:

8.8.8.8:53

Request

otnolatrnup.com

IN A

Response

otnolatrnup.com

IN A

104.16.53.110

otnolatrnup.com

IN A

104.16.52.110
DNS

translate-pa.googleapis.com

chrome.exe

Remote address:

8.8.8.8:53

Request

translate-pa.googleapis.com

IN A

Response

translate-pa.googleapis.com

IN A

172.217.169.74

translate-pa.googleapis.com

IN A

142.250.179.234

translate-pa.googleapis.com

IN A

142.250.180.10

translate-pa.googleapis.com

IN A

142.250.187.202

translate-pa.googleapis.com

IN A

142.250.187.234

translate-pa.googleapis.com

IN A

142.250.178.10

translate-pa.googleapis.com

IN A

172.217.16.234

translate-pa.googleapis.com

IN A

142.250.200.10

translate-pa.googleapis.com

IN A

142.250.200.42

translate-pa.googleapis.com

IN A

216.58.201.106

translate-pa.googleapis.com

IN A

216.58.204.74

translate-pa.googleapis.com

IN A

172.217.169.10
DNS

prebid.media.net

chrome.exe

Remote address:

8.8.8.8:53

Request

prebid.media.net

IN A

Response

prebid.media.net

IN A

34.120.63.153
DNS

apps.identrust.com

chrome.exe

Remote address:

8.8.8.8:53

Request

apps.identrust.com

IN A

Response

apps.identrust.com

IN CNAME

identrust.edgesuite.net

identrust.edgesuite.net

IN CNAME

a1952.dscq.akamai.net

a1952.dscq.akamai.net

IN A

23.63.101.171

a1952.dscq.akamai.net

IN A

23.63.101.170
DNS

hbopenbid.pubmatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

hbopenbid.pubmatic.com

IN A

Response

hbopenbid.pubmatic.com

IN CNAME

hbprebid-v3.pubmnet.com

hbprebid-v3.pubmnet.com

IN CNAME

hbopenbid-lhrc.pubmnet.com

hbopenbid-lhrc.pubmnet.com

IN A

185.64.190.77
DNS

btlr.sharethrough.com

chrome.exe

Remote address:

8.8.8.8:53

Request

btlr.sharethrough.com

IN A

Response

btlr.sharethrough.com

IN CNAME

btlr-eu-central-1.sharethrough.com

btlr-eu-central-1.sharethrough.com

IN A

35.158.241.145

btlr-eu-central-1.sharethrough.com

IN A

3.125.238.57

btlr-eu-central-1.sharethrough.com

IN A

52.58.156.106

btlr-eu-central-1.sharethrough.com

IN A

18.159.169.71

btlr-eu-central-1.sharethrough.com

IN A

3.124.19.254

btlr-eu-central-1.sharethrough.com

IN A

3.78.8.221

btlr-eu-central-1.sharethrough.com

IN A

18.185.214.238

btlr-eu-central-1.sharethrough.com

IN A

3.70.59.245
DNS

tlx.3lift.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tlx.3lift.com

IN A

Response

tlx.3lift.com

IN CNAME

eu-tlx.3lift.com

eu-tlx.3lift.com

IN A

3.78.168.176

eu-tlx.3lift.com

IN A

18.157.230.4

eu-tlx.3lift.com

IN A

3.124.64.248
DNS

www.google.co.uk

chrome.exe

Remote address:

8.8.8.8:53

Request

www.google.co.uk

IN A

Response

www.google.co.uk

IN A

216.58.201.99
POST

https://prebid.media.net/rtb/prebid?cid=8CUO2689O

chrome.exe

Remote address:

34.120.63.153:443

Request

POST /rtb/prebid?cid=8CUO2689O HTTP/2.0
host: prebid.media.net
content-length: 3240
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://hbopenbid.pubmatic.com/translator?source=prebid-client

chrome.exe

Remote address:

185.64.190.77:443

Request

POST /translator?source=prebid-client HTTP/2.0
host: hbopenbid.pubmatic.com
content-length: 2009
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-credentials: true
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
date: Mon, 08 Apr 2024 16:36:03 GMT
POST

https://hbopenbid.pubmatic.com/translator?source=prebid-client

chrome.exe

Remote address:

185.64.190.77:443

Request

POST /translator?source=prebid-client HTTP/2.0
host: hbopenbid.pubmatic.com
content-length: 2006
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-credentials: true
access-control-allow-origin: https://www.mediafire.com
cache-control: no-cache, no-store, must-revalidate
date: Mon, 08 Apr 2024 16:36:09 GMT
POST

https://tlx.3lift.com/header/auction?lib=prebid&v=8.10.0&referrer=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tmax=1000

chrome.exe

Remote address:

3.78.168.176:443

Request

POST /header/auction?lib=prebid&v=8.10.0&referrer=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tmax=1000 HTTP/2.0
host: tlx.3lift.com
content-length: 2351
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
access-control-allow-origin: https://www.mediafire.com
access-control-allow-credentials: true
x-auction-status: 29
x-auction-status: 29
x-auction-status: 29
x-auction-status: 29
vary: Accept-Encoding
content-encoding: gzip
POST

https://tlx.3lift.com/header/auction?lib=prebid&v=8.10.0&referrer=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tmax=1000

chrome.exe

Remote address:

3.78.168.176:443

Request

POST /header/auction?lib=prebid&v=8.10.0&referrer=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tmax=1000 HTTP/2.0
host: tlx.3lift.com
content-length: 2351
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
expires: Thu, 15 Oct 1992 20:10:00 GMT
pragma: no-cache
x-xss-protection: 0
access-control-allow-origin: https://www.mediafire.com
access-control-allow-credentials: true
x-auction-status: 29
x-auction-status: 29
x-auction-status: 29
x-auction-status: 29
x-auction-status: 29
vary: Accept-Encoding
content-encoding: gzip
GET

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-829541-1&cid=1152783976.1712594162&jid=1732191179&_u=YEBAAUAAAAAAACAAI~&z=785894244

chrome.exe

Remote address:

216.58.201.99:443

Request

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-829541-1&cid=1152783976.1712594162&jid=1732191179&_u=YEBAAUAAAAAAACAAI~&z=785894244 HTTP/2.0
host: www.google.co.uk
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://apps.identrust.com/roots/dstrootcax3.p7c

chrome.exe

Remote address:

23.63.101.171:80

Request

GET /roots/dstrootcax3.p7c HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: apps.identrust.com

Response

HTTP/1.1 200 OK

X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
X-Content-Type-Options: nosniff
X-Robots-Tag: noindex
Referrer-Policy: same-origin
Last-Modified: Fri, 13 Oct 2023 16:28:31 GMT
ETag: "37d-6079b8c0929c0"
Accept-Ranges: bytes
Content-Length: 893
X-Content-Type-Options: nosniff
X-Frame-Options: sameorigin
Content-Type: application/pkcs7-mime
Cache-Control: max-age=3600
Expires: Mon, 08 Apr 2024 17:36:03 GMT
Date: Mon, 08 Apr 2024 16:36:03 GMT
Connection: keep-alive
DNS

tags.crwdcntrl.net

chrome.exe

Remote address:

8.8.8.8:53

Request

tags.crwdcntrl.net

IN A

Response

tags.crwdcntrl.net

IN A

18.173.233.10

tags.crwdcntrl.net

IN A

18.173.233.119

tags.crwdcntrl.net

IN A

18.173.233.47

tags.crwdcntrl.net

IN A

18.173.233.95
DNS

ad.crwdcntrl.net

chrome.exe

Remote address:

8.8.8.8:53

Request

ad.crwdcntrl.net

IN A

Response

ad.crwdcntrl.net

IN A

54.155.211.205

ad.crwdcntrl.net

IN A

54.229.184.161

ad.crwdcntrl.net

IN A

99.80.66.155

ad.crwdcntrl.net

IN A

108.128.218.76

ad.crwdcntrl.net

IN A

52.48.17.214

ad.crwdcntrl.net

IN A

52.210.166.25

ad.crwdcntrl.net

IN A

52.49.69.142

ad.crwdcntrl.net

IN A

54.77.0.180
DNS

bcp.crwdcntrl.net

chrome.exe

Remote address:

8.8.8.8:53

Request

bcp.crwdcntrl.net

IN A

Response

bcp.crwdcntrl.net

IN A

52.210.166.25

bcp.crwdcntrl.net

IN A

52.49.69.142

bcp.crwdcntrl.net

IN A

108.128.218.76

bcp.crwdcntrl.net

IN A

54.229.184.161

bcp.crwdcntrl.net

IN A

99.80.66.155

bcp.crwdcntrl.net

IN A

54.77.0.180

bcp.crwdcntrl.net

IN A

54.155.27.174

bcp.crwdcntrl.net

IN A

52.48.17.214
GET

https://tags.crwdcntrl.net/c/4545/cc_af.js

chrome.exe

Remote address:

18.173.233.10:443

Request

GET /c/4545/cc_af.js HTTP/2.0
host: tags.crwdcntrl.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: application/json
last-modified: Mon, 03 Oct 2022 20:56:51 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 08 Apr 2024 01:54:27 GMT
cache-control: public, max-age=86400
etag: W/"a4ff03e3d8274ebe2833a0a33a541e12"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4b204087b0bf47138f08161893f143c2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
x-amz-cf-id: mdkLH65cpEQV-Sqwh-Lxm_KeCnt-AJAN7D3ugVD2pTv3IJFI0-1_Bg==
age: 52897
GET

https://tags.crwdcntrl.net/lt/c/16589/sync.min.js

chrome.exe

Remote address:

18.173.233.10:443

Request

GET /lt/c/16589/sync.min.js HTTP/2.0
host: tags.crwdcntrl.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/javascript
last-modified: Wed, 14 Feb 2024 17:39:57 GMT
x-amz-server-side-encryption: AES256
server: AmazonS3
content-encoding: gzip
date: Mon, 08 Apr 2024 02:55:08 GMT
cache-control: public, max-age=86400
etag: W/"21f8671135afbd2e874c42d3dc478afa"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 4b204087b0bf47138f08161893f143c2.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
x-amz-cf-id: 4cAO0HbJ_3ofmcxUHkEBkllOOvImNJ0GSgo51op7ccpcVIP61YHZow==
age: 49264
DNS

analytics.google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

analytics.google.com

IN A

Response

analytics.google.com

IN A

142.250.178.14
POST

https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je4430v887485693z86304663za200&_p=1712594161414&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=1000g&cid=1152783976.1712594162&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712594162&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%20V2.apk%2Ffile&dt=Alysse%20V2&en=page_view&_fv=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tfd=2226

chrome.exe

Remote address:

142.250.178.14:443

Request

POST /g/collect?v=2&tid=G-K68XP6D85D&gtm=45je4430v887485693z86304663za200&_p=1712594161414&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=1000g&cid=1152783976.1712594162&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712594162&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%20V2.apk%2Ffile&dt=Alysse%20V2&en=page_view&_fv=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tfd=2226 HTTP/2.0
host: analytics.google.com
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://www.youtube.com/iframe_api?version=3

chrome.exe

Remote address:

142.250.178.14:443

Request

GET /iframe_api?version=3 HTTP/2.0
host: www.youtube.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CIr7ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

222.89.181.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

222.89.181.35.in-addr.arpa

IN PTR

Response

222.89.181.35.in-addr.arpa

IN PTR

ec2-35-181-89-222 eu-west-3compute amazonawscom
DNS

15.136.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.136.64.172.in-addr.arpa

IN PTR

Response
DNS

15.136.64.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

15.136.64.172.in-addr.arpa

IN PTR

Response
DNS

226.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.16.217.172.in-addr.arpa

IN PTR

Response

226.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f21e100net

226.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f2�H
DNS

226.16.217.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.16.217.172.in-addr.arpa

IN PTR

Response

226.16.217.172.in-addr.arpa

IN PTR

lhr48s28-in-f21e100net

226.16.217.172.in-addr.arpa

IN PTR

mad08s04-in-f2�H
DNS

157.166.233.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.166.233.64.in-addr.arpa

IN PTR

Response

157.166.233.64.in-addr.arpa

IN PTR

wm-in-f1571e100net
DNS

157.166.233.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

157.166.233.64.in-addr.arpa

IN PTR

Response

157.166.233.64.in-addr.arpa

IN PTR

wm-in-f1571e100net
DNS

188.234.43.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

188.234.43.52.in-addr.arpa

IN PTR

Response

188.234.43.52.in-addr.arpa

IN PTR

ec2-52-43-234-188 us-west-2compute amazonawscom
DNS

188.234.43.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

188.234.43.52.in-addr.arpa

IN PTR

Response

188.234.43.52.in-addr.arpa

IN PTR

ec2-52-43-234-188 us-west-2compute amazonawscom
DNS

153.63.120.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

153.63.120.34.in-addr.arpa

IN PTR

Response

153.63.120.34.in-addr.arpa

IN PTR

1536312034bcgoogleusercontentcom
DNS

145.241.158.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

145.241.158.35.in-addr.arpa

IN PTR

Response

145.241.158.35.in-addr.arpa

IN PTR

ec2-35-158-241-145eu-central-1compute amazonawscom
DNS

77.190.64.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

77.190.64.185.in-addr.arpa

IN PTR

Response
DNS

176.168.78.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

176.168.78.3.in-addr.arpa

IN PTR

Response

176.168.78.3.in-addr.arpa

IN PTR

ec2-3-78-168-176eu-central-1compute amazonawscom
DNS

99.201.58.216.in-addr.arpa

Remote address:

8.8.8.8:53

Request

99.201.58.216.in-addr.arpa

IN PTR

Response

99.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f31e100net

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f3�G

99.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f99�G
DNS

171.101.63.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

171.101.63.23.in-addr.arpa

IN PTR

Response

171.101.63.23.in-addr.arpa

IN PTR

a23-63-101-171deploystaticakamaitechnologiescom
DNS

25.166.210.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

25.166.210.52.in-addr.arpa

IN PTR

Response

25.166.210.52.in-addr.arpa

IN PTR

ec2-52-210-166-25 eu-west-1compute amazonawscom
DNS

10.233.173.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

10.233.173.18.in-addr.arpa

IN PTR

Response

10.233.173.18.in-addr.arpa

IN PTR

server-18-173-233-10dus51r cloudfrontnet
DNS

205.211.155.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

205.211.155.54.in-addr.arpa

IN PTR

Response

205.211.155.54.in-addr.arpa

IN PTR

ec2-54-155-211-205 eu-west-1compute amazonawscom
DNS

14.178.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.178.250.142.in-addr.arpa

IN PTR

Response

14.178.250.142.in-addr.arpa

IN PTR

lhr48s27-in-f141e100net
DNS

ads.pubmatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ads.pubmatic.com

IN A

Response

ads.pubmatic.com

IN CNAME

pubmatic.edgekey.net

pubmatic.edgekey.net

IN CNAME

e6603.g.akamaiedge.net

e6603.g.akamaiedge.net

IN A

23.53.112.234
DNS

eb2.3lift.com

chrome.exe

Remote address:

8.8.8.8:53

Request

eb2.3lift.com

IN A

Response

eb2.3lift.com

IN CNAME

eu-eb2.3lift.com

eu-eb2.3lift.com

IN A

76.223.111.18

eu-eb2.3lift.com

IN A

13.248.245.213
GET

https://eb2.3lift.com/sync?

chrome.exe

Remote address:

76.223.111.18:443

Request

GET /sync? HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:07 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
GET

https://eb2.3lift.com/sync?

chrome.exe

Remote address:

76.223.111.18:443

Request

GET /sync? HTTP/2.0
host: eb2.3lift.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:12 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
DNS

contextual.media.net

chrome.exe

Remote address:

8.8.8.8:53

Request

contextual.media.net

IN A

Response

contextual.media.net

IN A

72.246.172.22
GET

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C3020%2C251%2C233%2C2027%2C237%2C359%2C338%2C459%2C97%2C55%2C77%2C3012%2C3011%2C182%2C262%2C461%2C201%2C246%2C4%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

chrome.exe

Remote address:

72.246.172.22:443

Request

GET /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C3020%2C251%2C233%2C2027%2C237%2C359%2C338%2C459%2C97%2C55%2C77%2C3012%2C3011%2C182%2C262%2C461%2C201%2C246%2C4%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1 HTTP/2.0
host: contextual.media.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: Apache
content-type: text/html; charset=UTF-8
x-mnet-hl2: E
strict-transport-security: max-age=31536000
alt-svc: h3=":443"; ma=93600
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Wed, 10 Apr 2024 16:36:07 GMT
date: Mon, 08 Apr 2024 16:36:07 GMT
content-length: 8330
DNS

image6.pubmatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

image6.pubmatic.com

IN A

Response

image6.pubmatic.com

IN CNAME

image6v2.pubmnet.com

image6v2.pubmnet.com

IN CNAME

pugm-amsfpairbc.pubmnet.com

pugm-amsfpairbc.pubmnet.com

IN A

198.47.127.19
GET

https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49798663&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---

chrome.exe

Remote address:

198.47.127.19:443

Request

GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49798663&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP/2.0
host: image6.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:08 GMT
content-length: 0
GET

https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66690409&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.19:443

Request

GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66690409&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: image6.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KADUSERCOOKIE=678B240F-A923-4EC7-8BA2-5658AC011D78; domain=pubmatic.com; path=/; max-age=31536000; SameSite=None; secure;
set-cookie: chkChromeAb67Sec=1; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: pi=158936:2; domain=pubmatic.com; path=/; max-age=86400; SameSite=None; secure;
set-cookie: DPSync3=1713744000%3A201_245_241_235; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: SyncRTB3=1713830400%3A35%7C1713744000%3A54_56_251_3_220_13_71_21%7C1713139200%3A223; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date: Mon, 08 Apr 2024 16:36:13 GMT
GET

https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69727988&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.19:443

Request

GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69727988&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: image6.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909; domain=pubmatic.com; path=/; max-age=31536000; SameSite=None; secure;
set-cookie: chkChromeAb67Sec=1; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: pi=158936:2; domain=pubmatic.com; path=/; max-age=86400; SameSite=None; secure;
set-cookie: DPSync3=1713744000%3A201_245_241_235; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date: Mon, 08 Apr 2024 16:36:14 GMT
GET

https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

198.47.127.19:443

Request

GET /AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: image6.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM

Response

HTTP/2.0 302

content-type: text/html; charset=UTF-8
location: https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date: Mon, 08 Apr 2024 16:36:14 GMT
content-length: 0
GET

https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69448145&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.19:443

Request

GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69448145&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: image6.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: PugT=1712594176
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176

Response

HTTP/2.0 200

content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909; domain=pubmatic.com; path=/; max-age=31536000; SameSite=None; secure;
set-cookie: chkChromeAb67Sec=2; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: pi=158936:4; domain=pubmatic.com; path=/; max-age=86400; SameSite=None; secure;
set-cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date: Mon, 08 Apr 2024 16:36:44 GMT
GET

https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39167512&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.19:443

Request

GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39167512&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: image6.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: PugT=1712594207
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: SPugT=1712594207

Response

HTTP/2.0 200

content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909; domain=pubmatic.com; path=/; max-age=31536000; SameSite=None; secure;
set-cookie: chkChromeAb67Sec=3; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: pi=158936:4; domain=pubmatic.com; path=/; max-age=86400; SameSite=None; secure;
set-cookie: SyncRTB3=1713398400%3A63%7C1713744000%3A220_55_249_8_54_46_176_71_251_22_214_13_166_238_21_3_56_161_254_233_266_264_234_81%7C1713139200%3A2_15_223%7C1713830400%3A35%7C1715126400%3A203; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date: Mon, 08 Apr 2024 16:36:49 GMT
GET

https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83023220&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.19:443

Request

GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83023220&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: image6.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: chkChromeAb67Sec=3
cookie: SyncRTB3=1713398400%3A63%7C1713744000%3A220_55_249_8_54_46_176_71_251_22_214_13_166_238_21_3_56_161_254_233_266_264_234_81%7C1713139200%3A2_15_223%7C1713830400%3A35%7C1715126400%3A203
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g
cookie: PugT=1712594210
cookie: SPugT=1712594211

Response

HTTP/2.0 200

content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909; domain=pubmatic.com; path=/; max-age=31536000; SameSite=None; secure;
set-cookie: chkChromeAb67Sec=4; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: pi=158936:4; domain=pubmatic.com; path=/; max-age=86400; SameSite=None; secure;
set-cookie: SyncRTB3=1717718400%3A69%7C1713398400%3A63%7C1713830400%3A35%7C1715126400%3A203%7C1713744000%3A251_176_214_266_234_243_165_71_13_3_161_55_249_166_238_56_21_254_264_81_88_220_8_54_46_22_233_99%7C1713139200%3A2_223_15; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
date: Mon, 08 Apr 2024 16:37:15 GMT
GET

https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77943498&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.19:443

Request

GET /AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77943498&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: image6.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g
cookie: chkChromeAb67Sec=4
cookie: SyncRTB3=1717718400%3A69%7C1713398400%3A63%7C1713830400%3A35%7C1715126400%3A203%7C1713744000%3A251_176_214_266_234_243_165_71_13_3_161_55_249_166_238_56_21_254_264_81_88_220_8_54_46_22_233_99%7C1713139200%3A2_223_15
cookie: KRTBCOOKIE_1003=22761-428af14e-f5c6-11ee-a000-e28a488a8b00&KRTB&23275-428af14e-f5c6-11ee-a000-e28a488a8b00
cookie: KRTBCOOKIE_594=17105-RX-bf21b128-10ea-4bea-b586-f21a606463ba-003&KRTB&17107-RX-bf21b128-10ea-4bea-b586-f21a606463ba-003
cookie: KRTBCOOKIE_409=22966-tk2EoAPtRSWXMnUYRWgUXRTa
cookie: PugT=1712594237
cookie: SPugT=1712594238

Response

HTTP/2.0 200

content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
set-cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909; domain=pubmatic.com; path=/; max-age=31536000; SameSite=None; secure;
set-cookie: chkChromeAb67Sec=5; domain=pubmatic.com; path=/; max-age=7776000; SameSite=None; secure;
set-cookie: pi=158936:4; domain=pubmatic.com; path=/; max-age=86400; SameSite=None; secure;
date: Mon, 08 Apr 2024 16:37:20 GMT
content-length: 47
DNS

18.111.223.76.in-addr.arpa

Remote address:

8.8.8.8:53

Request

18.111.223.76.in-addr.arpa

IN PTR

Response

18.111.223.76.in-addr.arpa

IN PTR

a0f671730127a0812awsglobalacceleratorcom
DNS

234.112.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

234.112.53.23.in-addr.arpa

IN PTR

Response

234.112.53.23.in-addr.arpa

IN PTR

a23-53-112-234deploystaticakamaitechnologiescom
DNS

22.172.246.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

22.172.246.72.in-addr.arpa

IN PTR

Response

22.172.246.72.in-addr.arpa

IN PTR

a72-246-172-22deploystaticakamaitechnologiescom
DNS

19.127.47.198.in-addr.arpa

Remote address:

8.8.8.8:53

Request

19.127.47.198.in-addr.arpa

IN PTR

Response
DNS

159.113.53.23.in-addr.arpa

Remote address:

8.8.8.8:53

Request

159.113.53.23.in-addr.arpa

IN PTR

Response

159.113.53.23.in-addr.arpa

IN PTR

a23-53-113-159deploystaticakamaitechnologiescom
DNS

79.121.231.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

79.121.231.20.in-addr.arpa

IN PTR

Response
DNS

110.53.16.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

110.53.16.104.in-addr.arpa

IN PTR

Response
GET

https://g.ezoic.net/cmp/log.gif?dId=484470&dcId=4303&version=9&buttonId=2&consentV2=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

35.181.89.222:443

Request

GET /cmp/log.gif?dId=484470&dcId=4303&version=9&buttonId=2&consentV2=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: g.ezoic.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, POST, PUT, OPTIONS
access-control-allow-origin: https://www.mediafire.com
access-control-max-age: 1728000
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
content-type: image/gif
date: Mon, 08 Apr 2024 16:36:12 GMT
expires: Sun, 07 Apr 2024 16:36:12 GMT
vary: Accept-Encoding,Origin,Access-Control-Request-Method,Access-Control-Request-Headers
x-middleton-display: cmp_sol
content-length: 43
DNS

cdn.jsdelivr.net

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.jsdelivr.net

IN A

Response

cdn.jsdelivr.net

IN CNAME

jsdelivr.map.fastly.net

jsdelivr.map.fastly.net

IN A

151.101.1.229

jsdelivr.map.fastly.net

IN A

151.101.65.229

jsdelivr.map.fastly.net

IN A

151.101.129.229

jsdelivr.map.fastly.net

IN A

151.101.193.229
DNS

cdn.id5-sync.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.id5-sync.com

IN A

Response

cdn.id5-sync.com

IN A

104.22.53.86

cdn.id5-sync.com

IN A

104.22.52.86

cdn.id5-sync.com

IN A

172.67.38.106
DNS

oa.openxcdn.net

chrome.exe

Remote address:

8.8.8.8:53

Request

oa.openxcdn.net

IN A

Response

oa.openxcdn.net

IN A

34.102.146.192
DNS

static.criteo.net

chrome.exe

Remote address:

8.8.8.8:53

Request

static.criteo.net

IN A

Response

static.criteo.net

IN CNAME

static.nl3.vip.prod.criteo.net

static.nl3.vip.prod.criteo.net

IN A

178.250.1.3
DNS

static.criteo.net

chrome.exe

Remote address:

8.8.8.8:53

Request

static.criteo.net

IN A

Response

static.criteo.net

IN CNAME

static.nl3.vip.prod.criteo.net

static.nl3.vip.prod.criteo.net

IN A

178.250.1.3
DNS

cdn.prod.uidapi.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn.prod.uidapi.com

IN A

Response

cdn.prod.uidapi.com

IN CNAME

d2avimlm6gq3h9.cloudfront.net

d2avimlm6gq3h9.cloudfront.net

IN A

18.154.67.92
DNS

invstatic101.creativecdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

invstatic101.creativecdn.com

IN A

Response

invstatic101.creativecdn.com

IN A

34.96.70.87
DNS

invstatic101.creativecdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

invstatic101.creativecdn.com

IN A

Response

invstatic101.creativecdn.com

IN A

34.96.70.87
DNS

cdn-ima.33across.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cdn-ima.33across.com

IN A

Response

cdn-ima.33across.com

IN CNAME

cdn-ima.33across.com.cdn.cloudflare.net

cdn-ima.33across.com.cdn.cloudflare.net

IN A

104.18.35.167

cdn-ima.33across.com.cdn.cloudflare.net

IN A

172.64.152.89
GET

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

chrome.exe

Remote address:

151.101.1.229:443

Request

GET /gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js HTTP/2.0
host: cdn.jsdelivr.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: master
x-jsd-version-type: branch
etag: W/"2dc-IrZxm/sP4aqtIfs1EfEw6Dg5q1Y"
content-encoding: br
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:36:11 GMT
age: 344
x-served-by: cache-fra-eddf8230042-FRA, cache-lcy-eglc8600099-LCY
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 439
DNS

671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com

chrome.exe

Remote address:

8.8.8.8:53

Request

671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com

IN A

Response

671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com

IN CNAME

pagead-googlehosted.l.google.com

pagead-googlehosted.l.google.com

IN A

142.250.180.1
GET

https://cdn-ima.33across.com/ob.js

chrome.exe

Remote address:

104.18.35.167:443

Request

GET /ob.js HTTP/2.0
host: cdn-ima.33across.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:11 GMT
content-type: application/javascript
last-modified: Wed, 20 Mar 2024 17:01:57 GMT
vary: Accept-Encoding
etag: W/"65fb1685-3e0d"
expires: Thu, 11 Apr 2024 16:36:11 GMT
cache-control: public, max-age=259200
content-encoding: gzip
cf-cache-status: HIT
age: 424804
server: cloudflare
cf-ray: 8713acc419527324-LHR
GET

https://cdn.prod.uidapi.com/uid2SecureSignal.js

chrome.exe

Remote address:

18.154.67.92:443

Request

GET /uid2SecureSignal.js HTTP/1.1
Host: cdn.prod.uidapi.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: */*
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: script
Referer: https://www.mediafire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 200 OK

Content-Type: text/javascript
Content-Length: 2776
Connection: keep-alive
x-amz-replication-status: COMPLETED
Last-Modified: Thu, 19 Oct 2023 06:40:11 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: KP_OVZMS6roEW_XJdOd.KnSEmM8GWiP3
Accept-Ranges: bytes
Server: AmazonS3
Date: Mon, 08 Apr 2024 04:40:27 GMT
ETag: "a3a9a9ee8e72db69d54e805f0586c651"
X-Cache: Hit from cloudfront
Via: 1.1 de6f29922e4f6a0a826069fcec45fde6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: DUS51-P4
X-Amz-Cf-Id: l_6gwdc6dX4Z6rVd-o24Krpi3jzPbJUj2XQC65AIeZr-HXyfLxrQdg==
Age: 42945
GET

https://cdn.id5-sync.com/api/1.0/esp.js

chrome.exe

Remote address:

104.22.53.86:443

Request

GET /api/1.0/esp.js HTTP/2.0
host: cdn.id5-sync.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:11 GMT
content-type: text/javascript;charset=utf-8
x-amz-id-2: S64mJX3VdI33zmYe6Ilklfglf0HosmHhLkQSJ3wEoTqad6+d8KPLjessaBDKzpusMtUG2kiUH98=
x-amz-request-id: PNC2K5XPW5M0XP6J
last-modified: Wed, 20 Mar 2024 11:38:58 GMT
etag: W/"7ceb45871763bd74cf4140e0b5fe846a"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=3600
cf-cache-status: HIT
age: 2690
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains; preload
server: cloudflare
cf-ray: 8713acc3fd2a0e74-AMS
content-encoding: gzip
GET

https://oa.openxcdn.net/esp.js

chrome.exe

Remote address:

34.102.146.192:443

Request

GET /esp.js HTTP/2.0
host: oa.openxcdn.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://static.criteo.net/js/ld/publishertag.ids.js

chrome.exe

Remote address:

178.250.1.3:443

Request

GET /js/ld/publishertag.ids.js HTTP/2.0
host: static.criteo.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:11 GMT
content-type: text/javascript
last-modified: Tue, 19 Mar 2024 00:48:43 GMT
etag: W/"65f8e0eb-a5db"
expires: Tue, 09 Apr 2024 16:36:11 GMT
cache-control: max-age=86400
cross-origin-resource-policy: cross-origin
cache-control: public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
GET

https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js

chrome.exe

Remote address:

34.96.70.87:443

Request

GET /encrypted-signals/encrypted-tag-g.js HTTP/2.0
host: invstatic101.creativecdn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

chrome.exe

Remote address:

142.250.180.1:443

Request

GET /safeframe/1-0-40/html/container.html HTTP/2.0
host: 671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

oajs.openx.net

chrome.exe

Remote address:

8.8.8.8:53

Request

oajs.openx.net

IN A

Response

oajs.openx.net

IN A

34.120.135.53

oajs.openx.net

IN A

34.120.107.143
GET

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&rid=esp

chrome.exe

Remote address:

34.120.135.53:443

Request

GET /esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&rid=esp HTTP/2.0
host: oajs.openx.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

id5-sync.com

chrome.exe

Remote address:

8.8.8.8:53

Request

id5-sync.com

IN A

Response

id5-sync.com

IN A

162.19.138.116

id5-sync.com

IN A

141.95.98.64

id5-sync.com

IN A

141.95.98.65

id5-sync.com

IN A

162.19.138.118

id5-sync.com

IN A

162.19.138.119

id5-sync.com

IN A

141.95.33.120

id5-sync.com

IN A

162.19.138.120

id5-sync.com

IN A

162.19.138.117

id5-sync.com

IN A

162.19.138.82

id5-sync.com

IN A

162.19.138.83
GET

https://id5-sync.com/api/esp/increment?counter=no-config

chrome.exe

Remote address:

162.19.138.116:443

Request

GET /api/esp/increment?counter=no-config HTTP/2.0
host: id5-sync.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

vary: Origin
vary: Access-Control-Request-Method
vary: Access-Control-Request-Headers
access-control-allow-origin: https://www.mediafire.com
vary: Origin
access-control-allow-credentials: true
date: Mon, 08 Apr 2024 16:36:11 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
DNS

229.1.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

229.1.101.151.in-addr.arpa

IN PTR

Response
DNS

167.35.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

167.35.18.104.in-addr.arpa

IN PTR

Response
DNS

86.53.22.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.53.22.104.in-addr.arpa

IN PTR

Response
DNS

87.70.96.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

87.70.96.34.in-addr.arpa

IN PTR

Response

87.70.96.34.in-addr.arpa

IN PTR

87709634bcgoogleusercontentcom
DNS

87.70.96.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

87.70.96.34.in-addr.arpa

IN PTR

Response

87.70.96.34.in-addr.arpa

IN PTR

87709634bcgoogleusercontentcom
DNS

192.146.102.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

192.146.102.34.in-addr.arpa

IN PTR

Response

192.146.102.34.in-addr.arpa

IN PTR

19214610234bcgoogleusercontentcom
DNS

92.67.154.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

92.67.154.18.in-addr.arpa

IN PTR

Response

92.67.154.18.in-addr.arpa

IN PTR

server-18-154-67-92dus51r cloudfrontnet
DNS

3.1.250.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

3.1.250.178.in-addr.arpa

IN PTR

Response
DNS

1.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.180.250.142.in-addr.arpa

IN PTR

Response

1.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f11e100net
DNS

226.20.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

226.20.18.104.in-addr.arpa

IN PTR

Response
DNS

53.135.120.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

53.135.120.34.in-addr.arpa

IN PTR

Response

53.135.120.34.in-addr.arpa

IN PTR

5313512034bcgoogleusercontentcom
DNS

116.138.19.162.in-addr.arpa

Remote address:

8.8.8.8:53

Request

116.138.19.162.in-addr.arpa

IN PTR

Response

116.138.19.162.in-addr.arpa

IN PTR

ns31533567 ip-162-19-138eu
DNS

google-bidout-d.openx.net

chrome.exe

Remote address:

8.8.8.8:53

Request

google-bidout-d.openx.net

IN A

Response

google-bidout-d.openx.net

IN A

34.98.64.218

google-bidout-d.openx.net

IN A

35.244.159.8
GET

https://google-bidout-d.openx.net/w/1.0/pd?plm=5

chrome.exe

Remote address:

34.98.64.218:443

Request

GET /w/1.0/pd?plm=5 HTTP/2.0
host: google-bidout-d.openx.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: i=6ecd6a2d-30c7-4293-bcf2-5b814b21991c|1712594171
GET

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D

chrome.exe

Remote address:

34.98.64.218:443

Request

GET /w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP/2.0
host: us-u.openx.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: i=6ecd6a2d-30c7-4293-bcf2-5b814b21991c|1712594171
GET

https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgC35crOywwkZjEb_wLeD4&google_cver=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=

chrome.exe

Remote address:

34.98.64.218:443

Request

GET /w/1.0/sd?id=537072991&val=CAESEHgC35crOywwkZjEb_wLeD4&google_cver=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent= HTTP/2.0
host: us-u.openx.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: i=6ecd6a2d-30c7-4293-bcf2-5b814b21991c|1712594171
DNS

us-u.openx.net

chrome.exe

Remote address:

8.8.8.8:53

Request

us-u.openx.net

IN A

Response

us-u.openx.net

IN A

35.244.159.8

us-u.openx.net

IN A

34.98.64.218
DNS

sync.teads.tv

chrome.exe

Remote address:

8.8.8.8:53

Request

sync.teads.tv

IN A

Response

sync.teads.tv

IN CNAME

sync.teads.tv.edgekey.net

sync.teads.tv.edgekey.net

IN CNAME

e9957.e4.akamaiedge.net

e9957.e4.akamaiedge.net

IN A

72.246.173.80
DNS

googleads4.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads4.g.doubleclick.net

IN A

Response

googleads4.g.doubleclick.net

IN A

142.250.200.2
GET

https://sync.teads.tv/um?eid=3&uid=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D

chrome.exe

Remote address:

72.246.173.80:443

Request

GET /um?eid=3&uid=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D HTTP/2.0
host: sync.teads.tv
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/gif
server: pekko-http/1.0.0
content-length: 23
expires: Mon, 08 Apr 2024 16:36:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 08 Apr 2024 16:36:12 GMT
set-cookie: tt_viewer=8797175d-dbca-4e89-a77c-7b18c139a4ab; Expires=Mon, 07 Apr 2025 16:36:12 GMT; Max-Age=31449600; Domain=.teads.tv; Path=/; Secure; SameSite=None
GET

https://sync.teads.tv/um?eid=3&uid=CAESELq6vTUe-5Nbom5x5E9vJxk&google_cver=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=

chrome.exe

Remote address:

72.246.173.80:443

Request

GET /um?eid=3&uid=CAESELq6vTUe-5Nbom5x5E9vJxk&google_cver=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent= HTTP/2.0
host: sync.teads.tv
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-type: text/html; charset=UTF-8
location: https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_hm=MmUzNGM4ZTItMDI3Mi00ZmI5LTljMTctZjIyMGQzNjQ0Mzg1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
server: pekko-http/1.0.0
content-length: 1667
expires: Mon, 08 Apr 2024 16:36:12 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Mon, 08 Apr 2024 16:36:12 GMT
set-cookie: tt_viewer=2e34c8e2-0272-4fb9-9c17-f220d3644385; Expires=Mon, 07 Apr 2025 16:36:12 GMT; Max-Age=31449600; Domain=.teads.tv; Path=/; Secure; SameSite=None
GET

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLi8xcNtqqzMpgn3gfdbRrKQJ7H8riZk2nDPpauDXlUs9Dmbl-GDbpFsEadqGUzll0qwUcshOQ32j7SY4JxfVQqqtrJsGMFPL032Ju77ALSv0z0RytvUGDCwABLUOqxIWvBBPuZLrQlDQcPu84ytSZ12X_dKm8uYI2XRAIFCLL2iIY-GFaGeCn30kk9VvZsWTRTuInpoBKl-4oNbLgwUdaL1RNDVNf3Jb1T-myy7BWvB88mvKcHfFB0ZqP3eH9yOrnAr95MtCzIDvEr8qmNy1nZhWEOxdNhr1triIFQ7e3PQifcoHCB_3LkAhO-rm59VIk7go5PAEsdn6A3f1Qxn4s7_Z3Aoe_ZRl_z_IR4AhDTZjYQ1xyKDGtSfWbHR6fX_dwoWCEXlIV5oQP4eoIvqcwuwmImJILnCuTtLzjK5eXT9pIY9mDrDHdjKJ3Nreh9hyGCcscu_7s-Tbkd3XTjQeXrVBPB81WnCzl8sOQEbTKcGGxn3kcv6GIIVjiHiN3d_Hpj6OAA95FcnUjT6x9ZuZIDxEJ9X_wQhT1S29LlVEybrkX2yTuvnStMAlqVlFHNt-jMzu3iqhTkM2CsVhjIXAQp_i3vqTEYOBvuMLHKtqRa9wkAlZSu42kuF78UHYTVE0GGqEbK85xbybpm-OQVJ27crukFOEFFeRIGRQHeJtUQqg-d0L3Bq_Lo3PkTXaCLjvhSxdFzrFOW8ARpWlNcQyFmQ6v5ELYFcjCaIeOScQbgMKAwgBEhBbkgvGmXP6ePjgSdhE6euuxSG_Qe0FBbXYmu7nKAtzq5pEK9U4DPxlqqVG7kXduRlft3LH3MpE2MUDKGxkhJB_xb7tf8ANOAEOzfO1I67s_s0EiSEN8kNncGpJH-s6kCuqXy13Yh59_wN3gp8cdByF5Oz636Ebw_GZ_zhA_p1UJ9L4qhbIpVEolTb89j-1wQvgsg6k8KvpP0LprMQ-E1VWAr2Y27ixHuu09ZHgoxbR_RkGdDZMIzLGlIoeG8HfESzny-GZwNZdQJjECZaUdHjO3NifDdPQs17AlPe_N6NA_ZIxryQapTuqYX0wxpCARrgvRGUn0Uid19udVwTgiN_QgAd5S2xofJcciBwvDLnUkabiAine0sdI1gbYlIUZRpOISeL6DDKd557XKmLCH-hPaC19tbEG9AoRFXgG5ND4-VplE1y2W4LIvfdko68pbjPnA45KRi9-wYUALNRZRl499utorDCuUIw-R-Rk2Fljb49KC9IDPIDSW-6QsI5rMlbNPM5cU_UU7Y0ddccZs-XHQV0hGLVZ_Ucp1c_IM3trRP2c1KQRhpCUr03m8Iwx9dQD9qCi8F3cLPx_Dyds2Mr5NA7V9TnYN5DOVfgfn2qtjLfTrbI-Y7prxQsHpJXjAriW3t1i6MlpIoCLPw-d5uD2dUGJPT35iMVoOeHeN94Zv8_OKB702Wsf0CsdLxPBxfzPJJX8&sai=AMfl-YRVY41ifcRgqKqmZj1YtOWwawnbsnZipDuYsJpuuoomQS1mlwuZ9ZW-BstZBslm453W-lSrJRG4x1shRy2JZSMRyV-vKew6G1rWJoPeyNT2BH564eEnjtG0QoGOpmqv37eUiFVOnL_y8Dio6MzlwGXFZlE8CRUd_oRhswu8dcsowyzeXMJQXAZIlN_l8qU7WayO0GhFpfz9MnjWHs0NtOrg0_-DAc6CiOuxl0IxiDbHwkyEaLC4_VErzXP5FUaeZEAZKvi3QKZAjlxnBPLQU6PPHl9OoQD5-I2nibNSQfIrh88A2ootCyuLKn4O3-sOPBWf6gPxiAszWPSq7lC4HjuCvIPW07g4Wolnt_y1-qH8nzuBfXA8aqAu46yY5Ke6CbxDDjAEzQTRtFYmrwHbmOD2hmuaVKJOBWgOJSVOfuEcSa4W9I8&sig=Cg0ArKJSzHe-g_iTvfpsEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=539&cbvp=1&cstd=529&cisv=r20240403.08383&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&arae=0&ftch=1&adurl=

chrome.exe

Remote address:

142.250.200.2:443

Request

GET /pcs/view?xai=AKAOjsvLi8xcNtqqzMpgn3gfdbRrKQJ7H8riZk2nDPpauDXlUs9Dmbl-GDbpFsEadqGUzll0qwUcshOQ32j7SY4JxfVQqqtrJsGMFPL032Ju77ALSv0z0RytvUGDCwABLUOqxIWvBBPuZLrQlDQcPu84ytSZ12X_dKm8uYI2XRAIFCLL2iIY-GFaGeCn30kk9VvZsWTRTuInpoBKl-4oNbLgwUdaL1RNDVNf3Jb1T-myy7BWvB88mvKcHfFB0ZqP3eH9yOrnAr95MtCzIDvEr8qmNy1nZhWEOxdNhr1triIFQ7e3PQifcoHCB_3LkAhO-rm59VIk7go5PAEsdn6A3f1Qxn4s7_Z3Aoe_ZRl_z_IR4AhDTZjYQ1xyKDGtSfWbHR6fX_dwoWCEXlIV5oQP4eoIvqcwuwmImJILnCuTtLzjK5eXT9pIY9mDrDHdjKJ3Nreh9hyGCcscu_7s-Tbkd3XTjQeXrVBPB81WnCzl8sOQEbTKcGGxn3kcv6GIIVjiHiN3d_Hpj6OAA95FcnUjT6x9ZuZIDxEJ9X_wQhT1S29LlVEybrkX2yTuvnStMAlqVlFHNt-jMzu3iqhTkM2CsVhjIXAQp_i3vqTEYOBvuMLHKtqRa9wkAlZSu42kuF78UHYTVE0GGqEbK85xbybpm-OQVJ27crukFOEFFeRIGRQHeJtUQqg-d0L3Bq_Lo3PkTXaCLjvhSxdFzrFOW8ARpWlNcQyFmQ6v5ELYFcjCaIeOScQbgMKAwgBEhBbkgvGmXP6ePjgSdhE6euuxSG_Qe0FBbXYmu7nKAtzq5pEK9U4DPxlqqVG7kXduRlft3LH3MpE2MUDKGxkhJB_xb7tf8ANOAEOzfO1I67s_s0EiSEN8kNncGpJH-s6kCuqXy13Yh59_wN3gp8cdByF5Oz636Ebw_GZ_zhA_p1UJ9L4qhbIpVEolTb89j-1wQvgsg6k8KvpP0LprMQ-E1VWAr2Y27ixHuu09ZHgoxbR_RkGdDZMIzLGlIoeG8HfESzny-GZwNZdQJjECZaUdHjO3NifDdPQs17AlPe_N6NA_ZIxryQapTuqYX0wxpCARrgvRGUn0Uid19udVwTgiN_QgAd5S2xofJcciBwvDLnUkabiAine0sdI1gbYlIUZRpOISeL6DDKd557XKmLCH-hPaC19tbEG9AoRFXgG5ND4-VplE1y2W4LIvfdko68pbjPnA45KRi9-wYUALNRZRl499utorDCuUIw-R-Rk2Fljb49KC9IDPIDSW-6QsI5rMlbNPM5cU_UU7Y0ddccZs-XHQV0hGLVZ_Ucp1c_IM3trRP2c1KQRhpCUr03m8Iwx9dQD9qCi8F3cLPx_Dyds2Mr5NA7V9TnYN5DOVfgfn2qtjLfTrbI-Y7prxQsHpJXjAriW3t1i6MlpIoCLPw-d5uD2dUGJPT35iMVoOeHeN94Zv8_OKB702Wsf0CsdLxPBxfzPJJX8&sai=AMfl-YRVY41ifcRgqKqmZj1YtOWwawnbsnZipDuYsJpuuoomQS1mlwuZ9ZW-BstZBslm453W-lSrJRG4x1shRy2JZSMRyV-vKew6G1rWJoPeyNT2BH564eEnjtG0QoGOpmqv37eUiFVOnL_y8Dio6MzlwGXFZlE8CRUd_oRhswu8dcsowyzeXMJQXAZIlN_l8qU7WayO0GhFpfz9MnjWHs0NtOrg0_-DAc6CiOuxl0IxiDbHwkyEaLC4_VErzXP5FUaeZEAZKvi3QKZAjlxnBPLQU6PPHl9OoQD5-I2nibNSQfIrh88A2ootCyuLKn4O3-sOPBWf6gPxiAszWPSq7lC4HjuCvIPW07g4Wolnt_y1-qH8nzuBfXA8aqAu46yY5Ke6CbxDDjAEzQTRtFYmrwHbmOD2hmuaVKJOBWgOJSVOfuEcSa4W9I8&sig=Cg0ArKJSzHe-g_iTvfpsEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=539&cbvp=1&cstd=529&cisv=r20240403.08383&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&arae=0&ftch=1&adurl= HTTP/2.0
host: googleads4.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUn90FsUabAWYjQX7lgrG7b_Q8UkJ9ST1QPasavmV6dUHO_PE5idxK-Z13B95xs
cookie: ar_debug=1
GET

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssykNiVNKZ-QbZ5FffssthEKMae7qUjTOJxc7BwCRkYjj0S2r4_DMxwXw-YrQU4e6yxfQvxDRR0rOGpjgBGJusHT03eOxxu_TFrYroKNb9GvfdHs3Kh8O9J04A7Mlrk4U647UUvrv0ZBoTmRBbxz-pxQ-QvT-sNm7tGnQsg5nDH34dxC6in1A-Z29UMASdOUo_v5fu7tZb5LvrVo7UhFu91cgI-8w3HyyB6Q5aA1TQjRi2XtBvySQfXpPncEEwOF8B78JIW99dCVl5g_aQey9SVk6LFczK3xBKicQhuCnecwswezjryfYgbBBRQWj7ZGDc1devtdjzUMINK7nZEqBkNqxBNG3Isqy1IUbPuKknCazPzCxnBSJ3uGT42Lyu-zcroVWXOuRKV_h6bdS1Wt4cN6WaADugE32KegjMtNl2DEnbL14Gr2BJew_jaNAvhBjg_5q0bDusdiy21flwfNjtDkn_L2iLlxCAiPBaGDoYC-AqMC1pMGnd4iUnrYuqhQ1XMAenBXH_x1ETlNBeKFNQs0whIUNrr_AccAR3q-eDoRv7ngjSxvwzsdotBHYbd4y6yupCXMEAc9dj_b8j3dI4XuXIVIqyPNgou-2XHfp9dXnNS9HVopwT-E_ZtUgZAu1WIF5St76SFq0dA0olRjIHq9Kv8IitfnOekTGyKQZPh3GWStHhsB1-6c9rULeaX-yWyZGAxuJwVD-PaI962txBpXNSocGcoRghanjSvOoE7yON5NNV3eIj1GYfoCO7BVz4tO1da2kVsKgqMFedAk261bSYp21P-yZ1X_Cs6VcWSHA3fOetVgKHG8eo8GM5X19wB0NjT-_hmBhawdSBxpbb8ihxPfp4ntfxz3A5fsvYMItAPOs3Qjj_H8UGzDuutsrXbR2TZVL-SGdoDyMD3S21Q42657FflbqDO8xhQ2WJ13srnJ47PFjAm100Z01XO3vqsqfupqrf6W-MDoRieRJcOVyujDUhY2L3ykFFpMwJhDFEeuvP-RRY5267PrAKtdbI3pMay0be8jhj0TQgoamtTMg8_UqEMF9mc6UKh_MyuHYlEhu61nfEZojlmcsfpfhoXDjmj_lqkPgQSZsrIbMHWlqD9xh9GcSbSUJp7ov42XCl73yQjLKOHEqujLQ2DT9XfSEh7CIchelAAepBIq9FyrwAaRDHKe3LXLWjD2etMFssO8eoa1t_51iyxiFAMAnueA_A52mxpdmW63pyN5i0eCYkPY14ZK_jL2jYAknH2-wOXDKe4nt0lGQ27TbQqPfFM-OH4TB0SkR4tq1DeZCrYnlm3bjjflwMkanWjp6sM4thahWB5YVjnVDLjTyV3Sp0ogMa8lCX7D_j0LyMpoz1UKz5gd3i8ULczIF4UeXg97oqv6iPIR_OQzfW6OxyolqmiAP7BT-owC5Xw-YEgvQ0iM8bbZ8MHRiu7lZiW3B1yIklhkeTmdQY69c0&sai=AMfl-YSQHzEOaIqvGbYOMcC--en8eANBxszuNti7eUB-kHRjERhRMWUaIJP-dPvmN9Cs9cw3FgQ2DwJHa59db7oi5fRTCU_Iww3SJVkjIFEEJoC-2wjJ3D3tJKZShWqytX6UNhBXhTBH8OoXghrQbTRB4WIVk_cItSXpr-YHUeXIz8FHj1xaZFvgxiv3OhZ3BgF2NTea-DmeUaABRXKpQM2MJs2plimLDIxzoBRhvfXdNotcjVK2hZI6AmGqe51XTGNiY-UIHElKatIoczxVNR07ADqW1IrkYIqcHJDolzq1x6UAlBcaNW0ugF7BKewCkfVk_MFUO8J7LieqiwT1YcXgA5R4d4BXEeGQng78EGgj_UaVGSVFsqiHpHDGZQJW1fHPlZdo1-VKhuIfkJdBcBI4-eaTW-PKl8IpvhzN1dzKyAgxTPQ&sig=Cg0ArKJSzPGHFB3TE9G9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=148&cisv=r20240403.29653&arae=0&ftch=1&adurl=

chrome.exe

Remote address:

142.250.200.2:443

Request

GET /pcs/view?xai=AKAOjssykNiVNKZ-QbZ5FffssthEKMae7qUjTOJxc7BwCRkYjj0S2r4_DMxwXw-YrQU4e6yxfQvxDRR0rOGpjgBGJusHT03eOxxu_TFrYroKNb9GvfdHs3Kh8O9J04A7Mlrk4U647UUvrv0ZBoTmRBbxz-pxQ-QvT-sNm7tGnQsg5nDH34dxC6in1A-Z29UMASdOUo_v5fu7tZb5LvrVo7UhFu91cgI-8w3HyyB6Q5aA1TQjRi2XtBvySQfXpPncEEwOF8B78JIW99dCVl5g_aQey9SVk6LFczK3xBKicQhuCnecwswezjryfYgbBBRQWj7ZGDc1devtdjzUMINK7nZEqBkNqxBNG3Isqy1IUbPuKknCazPzCxnBSJ3uGT42Lyu-zcroVWXOuRKV_h6bdS1Wt4cN6WaADugE32KegjMtNl2DEnbL14Gr2BJew_jaNAvhBjg_5q0bDusdiy21flwfNjtDkn_L2iLlxCAiPBaGDoYC-AqMC1pMGnd4iUnrYuqhQ1XMAenBXH_x1ETlNBeKFNQs0whIUNrr_AccAR3q-eDoRv7ngjSxvwzsdotBHYbd4y6yupCXMEAc9dj_b8j3dI4XuXIVIqyPNgou-2XHfp9dXnNS9HVopwT-E_ZtUgZAu1WIF5St76SFq0dA0olRjIHq9Kv8IitfnOekTGyKQZPh3GWStHhsB1-6c9rULeaX-yWyZGAxuJwVD-PaI962txBpXNSocGcoRghanjSvOoE7yON5NNV3eIj1GYfoCO7BVz4tO1da2kVsKgqMFedAk261bSYp21P-yZ1X_Cs6VcWSHA3fOetVgKHG8eo8GM5X19wB0NjT-_hmBhawdSBxpbb8ihxPfp4ntfxz3A5fsvYMItAPOs3Qjj_H8UGzDuutsrXbR2TZVL-SGdoDyMD3S21Q42657FflbqDO8xhQ2WJ13srnJ47PFjAm100Z01XO3vqsqfupqrf6W-MDoRieRJcOVyujDUhY2L3ykFFpMwJhDFEeuvP-RRY5267PrAKtdbI3pMay0be8jhj0TQgoamtTMg8_UqEMF9mc6UKh_MyuHYlEhu61nfEZojlmcsfpfhoXDjmj_lqkPgQSZsrIbMHWlqD9xh9GcSbSUJp7ov42XCl73yQjLKOHEqujLQ2DT9XfSEh7CIchelAAepBIq9FyrwAaRDHKe3LXLWjD2etMFssO8eoa1t_51iyxiFAMAnueA_A52mxpdmW63pyN5i0eCYkPY14ZK_jL2jYAknH2-wOXDKe4nt0lGQ27TbQqPfFM-OH4TB0SkR4tq1DeZCrYnlm3bjjflwMkanWjp6sM4thahWB5YVjnVDLjTyV3Sp0ogMa8lCX7D_j0LyMpoz1UKz5gd3i8ULczIF4UeXg97oqv6iPIR_OQzfW6OxyolqmiAP7BT-owC5Xw-YEgvQ0iM8bbZ8MHRiu7lZiW3B1yIklhkeTmdQY69c0&sai=AMfl-YSQHzEOaIqvGbYOMcC--en8eANBxszuNti7eUB-kHRjERhRMWUaIJP-dPvmN9Cs9cw3FgQ2DwJHa59db7oi5fRTCU_Iww3SJVkjIFEEJoC-2wjJ3D3tJKZShWqytX6UNhBXhTBH8OoXghrQbTRB4WIVk_cItSXpr-YHUeXIz8FHj1xaZFvgxiv3OhZ3BgF2NTea-DmeUaABRXKpQM2MJs2plimLDIxzoBRhvfXdNotcjVK2hZI6AmGqe51XTGNiY-UIHElKatIoczxVNR07ADqW1IrkYIqcHJDolzq1x6UAlBcaNW0ugF7BKewCkfVk_MFUO8J7LieqiwT1YcXgA5R4d4BXEeGQng78EGgj_UaVGSVFsqiHpHDGZQJW1fHPlZdo1-VKhuIfkJdBcBI4-eaTW-PKl8IpvhzN1dzKyAgxTPQ&sig=Cg0ArKJSzPGHFB3TE9G9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=148&cisv=r20240403.29653&arae=0&ftch=1&adurl= HTTP/2.0
host: googleads4.g.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUn90FsUabAWYjQX7lgrG7b_Q8UkJ9ST1QPasavmV6dUHO_PE5idxK-Z13B95xs
cookie: ar_debug=1
DNS

gum.criteo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

gum.criteo.com

IN A

Response

gum.criteo.com

IN CNAME

gum.nl3.vip.prod.criteo.com

gum.nl3.vip.prod.criteo.com

IN A

178.250.1.11
GET

https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mediafire.com&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---&gpp=&gpp_sid=-1

chrome.exe

Remote address:

178.250.1.11:443

Request

GET /syncframe?origin=publishertagids&topUrl=www.mediafire.com&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---&gpp=&gpp_sid=-1 HTTP/2.0
host: gum.criteo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: text/html; charset=utf-8
date: Mon, 08 Apr 2024 16:36:12 GMT
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
set-cookie: uid=c5cbe1c4-69e2-4c42-a082-bee5afed4bac; expires=Sat, 03 May 2025 16:36:12 GMT; domain=.criteo.com; path=/; secure; samesite=none
x-robots-tag: noindex
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 542214
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
GET

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mediafire.com&sn=ChromeSyncframe&so=0&topUrl=www.mediafire.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

chrome.exe

Remote address:

178.250.1.11:443

Request

GET /sid/json?origin=publishertagids&domain=mediafire.com&sn=ChromeSyncframe&so=0&topUrl=www.mediafire.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP/2.0
host: gum.criteo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mediafire.com&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---&gpp=&gpp_sid=-1
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=c5cbe1c4-69e2-4c42-a082-bee5afed4bac

Response

HTTP/2.0 200

content-type: application/json; charset=utf-8
date: Mon, 08 Apr 2024 16:36:13 GMT
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
server-processing-duration-in-ticks: 1241440
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
DNS

download2389.mediafire.com

chrome.exe

Remote address:

8.8.8.8:53

Request

download2389.mediafire.com

IN A

Response

download2389.mediafire.com

IN A

199.91.155.130
GET

https://download2389.mediafire.com/sa2xsaqut4kggNYApg1aBN_OjX_HyLfI4rh-m2xeA-x79D7EiqqX9DTd5MjXcq9V8urrpESyEBPQJkeLQWTQFcdGJ1rQggkCfZZaNlsiOMeVa2ONb66qi344mo2rb8iGgsWGJKyz80wuPioau9NiKpYiK4u4DF_l3Iu2-b1lgLBk/uzn1akdxuvmydla/Alysse+V2.apk

chrome.exe

Remote address:

199.91.155.130:443

Request

GET /sa2xsaqut4kggNYApg1aBN_OjX_HyLfI4rh-m2xeA-x79D7EiqqX9DTd5MjXcq9V8urrpESyEBPQJkeLQWTQFcdGJ1rQggkCfZZaNlsiOMeVa2ONb66qi344mo2rb8iGgsWGJKyz80wuPioau9NiKpYiK4u4DF_l3Iu2-b1lgLBk/uzn1akdxuvmydla/Alysse+V2.apk HTTP/1.1
Host: download2389.mediafire.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: document
Referer: https://www.mediafire.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: __cf_bm=gDGMzXVoJdHnIeNJ4SlTyNs.8g80KfYfUS61pHSDkTg-1712594159-1.0.1.1-JEhoU7sYJZxa_FfdwlgEzdjgG3w.8zm6JBSDw67segkqeslDk9Ph3lWNUmMSJh9cZy5vB01t73AdAWKERRazRg; uzsa=1; conv_tracking_data-2=%7B%22mf_source%22%3A%22regular_download-59%22%2C%22mf_content%22%3A%22Free%22%2C%22mf_medium%22%3A%22windows%5C%2FChrome%22%2C%22mf_campaign%22%3A%22uzn1akdxuvmydla%22%2C%22mf_term%22%3A%22b3fce15d739b9dc40404d96303a74b65%22%7D; ukey=q3cgtoen9nbtft8gw3bvag3nt8x4stwt; _gid=GA1.2.57189859.1712594162; _gat_gtag_UA_829541_1=1; ezoab_484470=mod291; ezoadgid_484470=-1; ezoref_484470=; ezosuibasgeneris-1=db5f95c4-d256-4744-4237-ac1157769da5; lp_484470=https://www.mediafire.com/file/uzn1akdxuvmydla/Alysse%20V2.apk/file; ezovuuid_484470=f78b612a-eb4c-4dcc-6680-693f0cdde6a2; cf_clearance=JMRI4rMwhFpGrXoCmPFUrgmZ9NTUrfoKpGFWjAQwDYo-1712594163-1.0.1.1-HlAwDOXhKXEqzfg2XMQtSvK0COowcdnbWgbnegPFYQqktfbUQe3NND.qYsuHYjBUvStKSMmI_USqklG0Q72aoQ; amp_28916b=wNhLVZnW7DiTgaKQQ3z7Yv...1hqv924ed.1hqv929tf.0.2.2; ezovuuidtime_484470=1712594168; active_template::484470=orig_site.1712594168; ezopvc_484470=2; _ga=GA1.1.1152783976.1712594162; ez-consent-tcf=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA; _cc_id=3c111862b263eec250ac64a5d416e542; panoramaId_expiry=1713198971440; panoramaId=1818aea65f1a8e7e55873ea77b67185ca02ce24a69d63dbe9144abc923e429fa; panoramaIdType=panoDevice; FCNEC=%5B%5B%22AKsRol_1vvsryFRnLD9ZlLFENRGcj_B1m3aXJmS7x4foCRnkFviuChwuteYKGQ1T9gQBVLrB99tGy3paE7F2N3i4MSIIX0mFnnQRlQxwb0dlNNqdTTWsaYSOIhNckEGf7TecCtXQ-Nl6aJnsDvNVhVurSbQjiHLOsg%3D%3D%22%5D%5D; __gads=ID=638c3ec476e30355:T=1712594171:RT=1712594171:S=ALNI_MbLYQbbzkHv_-M0yRN08W7CwXdSjA; __gpi=UID=00000d59aa2fc82c:T=1712594171:RT=1712594171:S=ALNI_MbFMiqSpU95XF_NRcI96Il06RLgog; __eoi=ID=62c8d9d868ee9299:T=1712594171:RT=1712594171:S=AA-AfjZDJ5TP_bpk6VtrrYajbVsg; _ga_K68XP6D85D=GS1.1.1712594162.1.1.1712594171.51.0.0

Response

HTTP/1.1 200 OK

server: bd-0.1.27
content-type: application/vnd.android.package-archive
accept-ranges: bytes
connection: close
cache-control: no-store
x-robots-tag: noindex, nofollow
content-disposition: attachment; filename="Alysse V2.apk"
content-length: 140613591
date: Mon, 08 Apr 2024 16:36:12 GMT
DNS

218.64.98.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

218.64.98.34.in-addr.arpa

IN PTR

Response

218.64.98.34.in-addr.arpa

IN PTR

218649834bcgoogleusercontentcom
DNS

80.173.246.72.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.173.246.72.in-addr.arpa

IN PTR

Response

80.173.246.72.in-addr.arpa

IN PTR

a72-246-173-80deploystaticakamaitechnologiescom
DNS

2.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.200.250.142.in-addr.arpa

IN PTR

Response

2.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f21e100net
DNS

11.1.250.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.1.250.178.in-addr.arpa

IN PTR

Response
GET

http://otnolatrnup.com/hideref.engine?d=https%3A%2F%2Fworeppercomming.com%2F90c1a7c4-9526-4fe6-befc-18062e96619e%3Fcampaignname%3D2_OperaGX%26placementname%3D2_OperaGX_UK_Win_101%26bid%3D6.785%26totalcpv%3D0.006785%26channel%3DFile%2BHosting%2B%2526%2BSharing%26subchannel%3DFile%2BHosting%2B%2526%2BSharing%26medianame%3D2_OperaGX_WW_5.22%26keywords%3Donline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%2Conline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%26sourceid%3D101%26domainid%3D1%26cpv%3D0.006785%26s2sParam%3Dac1e93e9-440e-4e0e-a7a3-83caf7ed464c

chrome.exe

Remote address:

104.16.53.110:80

Request

GET /hideref.engine?d=https%3A%2F%2Fworeppercomming.com%2F90c1a7c4-9526-4fe6-befc-18062e96619e%3Fcampaignname%3D2_OperaGX%26placementname%3D2_OperaGX_UK_Win_101%26bid%3D6.785%26totalcpv%3D0.006785%26channel%3DFile%2BHosting%2B%2526%2BSharing%26subchannel%3DFile%2BHosting%2B%2526%2BSharing%26medianame%3D2_OperaGX_WW_5.22%26keywords%3Donline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%2Conline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%26sourceid%3D101%26domainid%3D1%26cpv%3D0.006785%26s2sParam%3Dac1e93e9-440e-4e0e-a7a3-83caf7ed464c HTTP/1.1
Host: otnolatrnup.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Date: Mon, 08 Apr 2024 16:36:14 GMT
Content-Length: 0
Connection: keep-alive
Location: https://otnolatrnup.com/hideref.engine?d=https%3A%2F%2Fworeppercomming.com%2F90c1a7c4-9526-4fe6-befc-18062e96619e%3Fcampaignname%3D2_OperaGX%26placementname%3D2_OperaGX_UK_Win_101%26bid%3D6.785%26totalcpv%3D0.006785%26channel%3DFile%2BHosting%2B%2526%2BSharing%26subchannel%3DFile%2BHosting%2B%2526%2BSharing%26medianame%3D2_OperaGX_WW_5.22%26keywords%3Donline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%2Conline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%26sourceid%3D101%26domainid%3D1%26cpv%3D0.006785%26s2sParam%3Dac1e93e9-440e-4e0e-a7a3-83caf7ed464c
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 8713acd3d8807780-LHR
alt-svc: h3=":443"; ma=86400
DNS

130.155.91.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

130.155.91.199.in-addr.arpa

IN PTR

Response
DNS

130.155.91.199.in-addr.arpa

Remote address:

8.8.8.8:53

Request

130.155.91.199.in-addr.arpa

IN PTR

Response
DNS

woreppercomming.com

chrome.exe

Remote address:

8.8.8.8:53

Request

woreppercomming.com

IN A

Response

woreppercomming.com

IN A

18.173.233.49

woreppercomming.com

IN A

18.173.233.112

woreppercomming.com

IN A

18.173.233.82

woreppercomming.com

IN A

18.173.233.68
GET

https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e?campaignname=2_OperaGX&placementname=2_OperaGX_UK_Win_101&bid=6.785&totalcpv=0.006785&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=1&cpv=0.006785&s2sParam=ac1e93e9-440e-4e0e-a7a3-83caf7ed464c

chrome.exe

Remote address:

18.173.233.49:443

Request

GET /90c1a7c4-9526-4fe6-befc-18062e96619e?campaignname=2_OperaGX&placementname=2_OperaGX_UK_Win_101&bid=6.785&totalcpv=0.006785&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=1&cpv=0.006785&s2sParam=ac1e93e9-440e-4e0e-a7a3-83caf7ed464c HTTP/2.0
host: woreppercomming.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 307

content-length: 0
location: https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e/2?campaignname=2_OperaGX&placementname=2_OperaGX_UK_Win_101&bid=6.785&totalcpv=0.006785&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=1&cpv=0.006785&s2sParam=ac1e93e9-440e-4e0e-a7a3-83caf7ed464c
date: Mon, 08 Apr 2024 16:36:14 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
accept-ch: sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-full-version-list,sec-ch-ua-full-version,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-ua,sec-ch-ua-mobile,sec-ch-ua-platform
server: nginx
x-cache: Miss from cloudfront
via: 1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
x-amz-cf-id: pNQZOAu2hXL34EXaqSYvIdXr3GC7KHJ8A-edpZZI2hpxnEHcFa3pOQ==
GET

https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e/2?campaignname=2_OperaGX&placementname=2_OperaGX_UK_Win_101&bid=6.785&totalcpv=0.006785&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=1&cpv=0.006785&s2sParam=ac1e93e9-440e-4e0e-a7a3-83caf7ed464c

chrome.exe

Remote address:

18.173.233.49:443

Request

GET /90c1a7c4-9526-4fe6-befc-18062e96619e/2?campaignname=2_OperaGX&placementname=2_OperaGX_UK_Win_101&bid=6.785&totalcpv=0.006785&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=1&cpv=0.006785&s2sParam=ac1e93e9-440e-4e0e-a7a3-83caf7ed464c HTTP/2.0
host: woreppercomming.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-full-version: "106.0.5249.119"
sec-ch-ua-arch: "x86"
sec-ch-ua-platform: "Windows"
sec-ch-ua-platform-version: "10.0.0"
sec-ch-ua-model: ""
sec-ch-ua-bitness: "64"
sec-ch-ua-full-version-list: "Chromium";v="106.0.5249.119", "Google Chrome";v="106.0.5249.119", "Not;A=Brand";v="99.0.0.0"
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

content-length: 0
location: https://www.ovardu.com/cmp/3KR94Q8/P5HPHB/?sub1=c25be22e-ac35-4bba-a2b8-212f01034d26&sub2=weanird3glb72oe03jal3l18
date: Mon, 08 Apr 2024 16:36:14 GMT
cache-control: no-store, no-cache, pre-check=0, post-check=0
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
set-cookie: 90c1a7c4-9526-4fe6-befc-18062e96619e-v4=PE5h2qefOQCSb5rGo5G0Eun3GTkD3QyGbkZbR7Uzq9Q; Max-Age=86400; Expires=Tue, 09-Apr-2024 16:36:14 GMT; Domain=woreppercomming.com; Path=/; Secure; HttpOnly;SameSite=None
set-cookie: voluum-cid-v4=%7B%22cid%22%3A%22weanird3glb72oe03jal3l18%22%2C%22caid%22%3A%2290c1a7c4-9526-4fe6-befc-18062e96619e%22%7D; Max-Age=31536000; Expires=Tue, 08-Apr-2025 16:36:14 GMT; Domain=woreppercomming.com; Path=/; Secure; HttpOnly;SameSite=None
server: nginx
x-cache: Miss from cloudfront
via: 1.1 5d0912c35e9204f7d29389a532977880.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P3
x-amz-cf-id: aaXK-OaN0Z0Rv3Bvgv599QdsxORqQCyhD9v3BUcNv6QrO2az2rnZvA==
DNS

www.ovardu.com

chrome.exe

Remote address:

8.8.8.8:53

Request

www.ovardu.com

IN A

Response

www.ovardu.com

IN A

172.67.174.4

www.ovardu.com

IN A

104.21.96.72
DNS

dis.criteo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

dis.criteo.com

IN A

Response

dis.criteo.com

IN CNAME

widget.nl3.vip.prod.criteo.com

widget.nl3.vip.prod.criteo.com

IN A

178.250.1.9
DNS

aax-eu.amazon-adsystem.com

chrome.exe

Remote address:

8.8.8.8:53

Request

aax-eu.amazon-adsystem.com

IN A

Response

aax-eu.amazon-adsystem.com

IN A

67.220.226.233
DNS

sync.crwdcntrl.net

chrome.exe

Remote address:

8.8.8.8:53

Request

sync.crwdcntrl.net

IN A

Response

sync.crwdcntrl.net

IN A

54.77.0.180

sync.crwdcntrl.net

IN A

108.128.218.76

sync.crwdcntrl.net

IN A

52.49.69.142

sync.crwdcntrl.net

IN A

54.155.211.205

sync.crwdcntrl.net

IN A

52.210.166.25

sync.crwdcntrl.net

IN A

52.48.17.214

sync.crwdcntrl.net

IN A

54.229.184.161

sync.crwdcntrl.net

IN A

99.80.66.155
GET

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

chrome.exe

Remote address:

178.250.1.9:443

Request

GET /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP/2.0
host: dis.criteo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=c5cbe1c4-69e2-4c42-a082-bee5afed4bac

Response

HTTP/2.0 302

content-length: 0
date: Mon, 08 Apr 2024 16:36:14 GMT
server: Kestrel
cache-control: no-cache
expires: Mon, 08 Apr 2024 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
pragma: no-cache
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1071657
strict-transport-security: max-age=31536000; preload;
GET

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

chrome.exe

Remote address:

178.250.1.9:443

Request

GET /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@ HTTP/2.0
host: dis.criteo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=c5cbe1c4-69e2-4c42-a082-bee5afed4bac

Response

HTTP/2.0 302

content-length: 0
date: Mon, 08 Apr 2024 16:36:15 GMT
server: Kestrel
cache-control: no-cache
expires: Mon, 08 Apr 2024 00:00:00 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
pragma: no-cache
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 719964
strict-transport-security: max-age=31536000; preload;
GET

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

67.220.226.233:443

Request

GET /s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

Server: Server
Date: Mon, 08 Apr 2024 16:36:15 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: 92CG9S4R6D8PKGBMKGA6
Set-Cookie: ad-id=A_rxsRUn401KixFwRbHxuHA|t; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 16:36:15 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
GET

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&dcc=t

chrome.exe

Remote address:

67.220.226.233:443

Request

GET /s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&dcc=t HTTP/1.1
Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ad-id=A_rxsRUn401KixFwRbHxuHA|t

Response

HTTP/1.1 200 OK

Server: Server
Date: Mon, 08 Apr 2024 16:36:15 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: M2GXCD7EQBTFQHX1C57C
Set-Cookie: ad-id=A_rxsRUn401KixFwRbHxuHA; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 16:36:15 GMT; Path=/; Secure; HttpOnly; SameSite=None
Set-Cookie: ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Sun, 01-Jul-2029 16:36:15 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
DNS

simage2.pubmatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

simage2.pubmatic.com

IN A

Response

simage2.pubmatic.com

IN CNAME

simage2v2.pubmnet.com

simage2v2.pubmnet.com

IN CNAME

pug-lhr-bc.pubmnet.com

pug-lhr-bc.pubmnet.com

IN A

185.64.191.210
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1598037658714274150&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1598037658714274150&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:15 GMT; path=/
set-cookie: PugT=1712594175; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:15 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1598037658714274150&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1598037658714274150&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:15 GMT; path=/
set-cookie: PugT=1712594175; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:15 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=CAESEPCLHfxFPRQOOroR7wzbEdM&google_cver=1

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=CAESEPCLHfxFPRQOOroR7wzbEdM&google_cver=1 HTTP/2.0
host: image2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:15 GMT; path=/
set-cookie: PugT=1712594175; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:15 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: image2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:15 GMT
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: image2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:16 GMT; path=/
set-cookie: PugT=1712594176; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:16 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=3975872950728440512

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=3975872950728440512 HTTP/2.0
host: simage2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:16 GMT; path=/
set-cookie: PugT=1712594176; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:16 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri HTTP/2.0
host: image2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: PugT=1712594176
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:44 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:44 GMT; path=/
set-cookie: PugT=1712594204; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:44 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7355536101821839502&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7355536101821839502&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: PugT=1712594204

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:45 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:45 GMT; path=/
set-cookie: PugT=1712594205; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:45 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7b97560b-443e-4085-8d78-fa4268abdc5d&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr_pd=&us_privacy=

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7b97560b-443e-4085-8d78-fa4268abdc5d&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr_pd=&us_privacy= HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: PugT=1712594205

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:45 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:45 GMT; path=/
set-cookie: PugT=1712594205; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:45 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oDHTg3vfVxNfj2Iimit6yL9l0Sc&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oDHTg3vfVxNfj2Iimit6yL9l0Sc&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: PugT=1712594205
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:45 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:45 GMT; path=/
set-cookie: PugT=1712594205; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:45 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2938864279918275978

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2938864279918275978 HTTP/2.0
host: image2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: PugT=1712594205
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:46 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_18=22947-2938864279918275978; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:45 GMT; path=/
set-cookie: PugT=1712594205; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:45 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1 HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: PugT=1712594205
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:46 GMT
content-type: text/html; charset=utf-8
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&pi=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&pi=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: PugT=1712594205
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:46 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:46 GMT; path=/
set-cookie: PugT=1712594206; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:46 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: image2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: PugT=1712594206

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:46 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:46 GMT; path=/
set-cookie: PugT=1712594206; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:46 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIMYyCsDgzHAN6TlRBAAAAAAA&expiration=1712680607&nuid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&is_secure=true&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIMYyCsDgzHAN6TlRBAAAAAAA&expiration=1712680607&nuid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&is_secure=true&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1 HTTP/2.0
host: simage2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: PugT=1712594206
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:47 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:47 GMT; path=/
set-cookie: PugT=1712594207; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:47 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7263111511922957154&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7263111511922957154&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy= HTTP/2.0
host: simage2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: PugT=1712594207

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:47 GMT
content-type: text/html; charset=utf-8
content-length: 1
set-cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:47 GMT; path=/
set-cookie: PugT=1712594207; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:47 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU70bef5913bdb49f5981b668b6a30356a

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU70bef5913bdb49f5981b668b6a30356a HTTP/2.0
host: image2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: PugT=1712594207
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: SPugT=1712594207
cookie: chkChromeAb67Sec=3
cookie: SyncRTB3=1713398400%3A63%7C1713744000%3A220_55_249_8_54_46_176_71_251_22_214_13_166_238_21_3_56_161_254_233_266_264_234_81%7C1713139200%3A2_15_223%7C1713830400%3A35%7C1715126400%3A203

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a; domain=pubmatic.com; SameSite=None; secure; expires=Mon, 22-Apr-2024 16:36:50 GMT; path=/
set-cookie: PugT=1712594210; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:50 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=2554565571426866805

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=2554565571426866805 HTTP/2.0
host: image2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: SPugT=1712594207
cookie: chkChromeAb67Sec=3
cookie: SyncRTB3=1713398400%3A63%7C1713744000%3A220_55_249_8_54_46_176_71_251_22_214_13_166_238_21_3_56_161_254_233_266_264_234_81%7C1713139200%3A2_15_223%7C1713830400%3A35%7C1715126400%3A203
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: PugT=1712594210

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_336=5844-2554565571426866805; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:50 GMT; path=/
set-cookie: PugT=1712594210; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:50 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=37883803181144&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=37883803181144&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: SPugT=1712594207
cookie: chkChromeAb67Sec=3
cookie: SyncRTB3=1713398400%3A63%7C1713744000%3A220_55_249_8_54_46_176_71_251_22_214_13_166_238_21_3_56_161_254_233_266_264_234_81%7C1713139200%3A2_15_223%7C1713830400%3A35%7C1715126400%3A203
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: PugT=1712594210
cookie: KRTBCOOKIE_336=5844-2554565571426866805

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:51 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144; domain=pubmatic.com; SameSite=None; secure; expires=Fri, 07-Jun-2024 16:36:51 GMT; path=/
set-cookie: PugT=1712594211; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:51 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGz0E7MKDoAABXnInPt6g&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGz0E7MKDoAABXnInPt6g&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: image2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: SPugT=1712594207
cookie: chkChromeAb67Sec=3
cookie: SyncRTB3=1713398400%3A63%7C1713744000%3A220_55_249_8_54_46_176_71_251_22_214_13_166_238_21_3_56_161_254_233_266_264_234_81%7C1713139200%3A2_15_223%7C1713830400%3A35%7C1715126400%3A203
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: PugT=1712594211

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:36:50 GMT; path=/
set-cookie: PugT=1712594210; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:50 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1&piggybackCookie=uid:d68bcc1c-191d-47c5-9b32-fc70409aa188&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1&piggybackCookie=uid:d68bcc1c-191d-47c5-9b32-fc70409aa188&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw HTTP/2.0
host: simage2.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: SPugT=1712594207
cookie: chkChromeAb67Sec=3
cookie: SyncRTB3=1713398400%3A63%7C1713744000%3A220_55_249_8_54_46_176_71_251_22_214_13_166_238_21_3_56_161_254_233_266_264_234_81%7C1713139200%3A2_15_223%7C1713830400%3A35%7C1715126400%3A203
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g
cookie: PugT=1712594210

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:50 GMT
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=428af14e-f5c6-11ee-a000-e28a488a8b00

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=428af14e-f5c6-11ee-a000-e28a488a8b00 HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g
cookie: PugT=1712594210
cookie: SPugT=1712594211
cookie: chkChromeAb67Sec=4
cookie: SyncRTB3=1717718400%3A69%7C1713398400%3A63%7C1713830400%3A35%7C1715126400%3A203%7C1713744000%3A251_176_214_266_234_243_165_71_13_3_161_55_249_166_238_56_21_254_264_81_88_220_8_54_46_22_233_99%7C1713139200%3A2_223_15

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:37:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_1003=22761-428af14e-f5c6-11ee-a000-e28a488a8b00&KRTB&23275-428af14e-f5c6-11ee-a000-e28a488a8b00; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:37:16 GMT; path=/
set-cookie: PugT=1712594236; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:37:16 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-bf21b128-10ea-4bea-b586-f21a606463ba-003&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-bf21b128-10ea-4bea-b586-f21a606463ba-003&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: simage2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g
cookie: SPugT=1712594211
cookie: chkChromeAb67Sec=4
cookie: SyncRTB3=1717718400%3A69%7C1713398400%3A63%7C1713830400%3A35%7C1715126400%3A203%7C1713744000%3A251_176_214_266_234_243_165_71_13_3_161_55_249_166_238_56_21_254_264_81_88_220_8_54_46_22_233_99%7C1713139200%3A2_223_15
cookie: KRTBCOOKIE_1003=22761-428af14e-f5c6-11ee-a000-e28a488a8b00&KRTB&23275-428af14e-f5c6-11ee-a000-e28a488a8b00
cookie: PugT=1712594236

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:37:16 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_594=17105-RX-bf21b128-10ea-4bea-b586-f21a606463ba-003&KRTB&17107-RX-bf21b128-10ea-4bea-b586-f21a606463ba-003; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 07-Jul-2024 16:37:16 GMT; path=/
set-cookie: PugT=1712594236; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:37:16 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRSWXMnUYRWgUXRTa&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.64.191.210:443

Request

GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRSWXMnUYRWgUXRTa&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: image2.pubmatic.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g
cookie: SPugT=1712594211
cookie: chkChromeAb67Sec=4
cookie: SyncRTB3=1717718400%3A69%7C1713398400%3A63%7C1713830400%3A35%7C1715126400%3A203%7C1713744000%3A251_176_214_266_234_243_165_71_13_3_161_55_249_166_238_56_21_254_264_81_88_220_8_54_46_22_233_99%7C1713139200%3A2_223_15
cookie: KRTBCOOKIE_1003=22761-428af14e-f5c6-11ee-a000-e28a488a8b00&KRTB&23275-428af14e-f5c6-11ee-a000-e28a488a8b00
cookie: PugT=1712594236
cookie: KRTBCOOKIE_594=17105-RX-bf21b128-10ea-4bea-b586-f21a606463ba-003&KRTB&17107-RX-bf21b128-10ea-4bea-b586-f21a606463ba-003

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:37:17 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_409=22966-tk2EoAPtRSWXMnUYRWgUXRTa; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:37:17 GMT; path=/
set-cookie: PugT=1712594237; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:37:17 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
DNS

4.174.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

4.174.67.172.in-addr.arpa

IN PTR

Response
DNS

49.233.173.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

49.233.173.18.in-addr.arpa

IN PTR

Response

49.233.173.18.in-addr.arpa

IN PTR

server-18-173-233-49dus51r cloudfrontnet
DNS

9.1.250.178.in-addr.arpa

Remote address:

8.8.8.8:53

Request

9.1.250.178.in-addr.arpa

IN PTR

Response
GET

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

67.220.226.233:443

Request

GET /s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: aax-eu.amazon-adsystem.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: ad-id=A_rxsRUn401KixFwRbHxuHA|t

Response

HTTP/1.1 200 OK

Server: Server
Date: Mon, 08 Apr 2024 16:36:15 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: SSEGBEZ5Z9BV7C9GH1P1
Set-Cookie: ad-id=A_rxsRUn401KixFwRbHxuHA; Domain=.amazon-adsystem.com; Expires=Wed, 01-Jan-2025 16:36:15 GMT; Path=/; Secure; HttpOnly; SameSite=None
Set-Cookie: ad-privacy=0; Domain=.amazon-adsystem.com; Expires=Sun, 01-Jul-2029 16:36:15 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
DNS

cr.frontend.weborama.fr

chrome.exe

Remote address:

8.8.8.8:53

Request

cr.frontend.weborama.fr

IN A

Response

cr.frontend.weborama.fr

IN A

34.111.129.221
DNS

a.audrte.com

chrome.exe

Remote address:

8.8.8.8:53

Request

a.audrte.com

IN A

Response

a.audrte.com

IN A

52.215.200.207

a.audrte.com

IN A

52.17.231.33

a.audrte.com

IN A

34.240.126.98

a.audrte.com

IN A

52.30.18.244

a.audrte.com

IN A

34.248.32.69

a.audrte.com

IN A

52.215.59.81
DNS

um.simpli.fi

chrome.exe

Remote address:

8.8.8.8:53

Request

um.simpli.fi

IN A

Response

um.simpli.fi

IN A

34.91.62.186

um.simpli.fi

IN A

35.204.74.118

um.simpli.fi

IN A

35.204.158.49
DNS

match.adsrvr.org

chrome.exe

Remote address:

8.8.8.8:53

Request

match.adsrvr.org

IN A

Response

match.adsrvr.org

IN A

52.223.40.198

match.adsrvr.org

IN A

35.71.131.137

match.adsrvr.org

IN A

15.197.193.217

match.adsrvr.org

IN A

3.33.220.150
DNS

c1.adform.net

chrome.exe

Remote address:

8.8.8.8:53

Request

c1.adform.net

IN A

Response

c1.adform.net

IN CNAME

track.adformnet.akadns.net

track.adformnet.akadns.net

IN A

37.157.5.132

track.adformnet.akadns.net

IN A

37.157.5.133

track.adformnet.akadns.net

IN A

37.157.4.29

track.adformnet.akadns.net

IN A

37.157.5.84

track.adformnet.akadns.net

IN A

37.157.4.28
DNS

pr-bh.ybp.yahoo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pr-bh.ybp.yahoo.com

IN A

Response

pr-bh.ybp.yahoo.com

IN CNAME

ds-pr-bh.ybp.gysm.yahoodns.net

ds-pr-bh.ybp.gysm.yahoodns.net

IN A

52.49.52.84

ds-pr-bh.ybp.gysm.yahoodns.net

IN A

54.171.234.224

ds-pr-bh.ybp.gysm.yahoodns.net

IN A

63.35.81.137

ds-pr-bh.ybp.gysm.yahoodns.net

IN A

54.170.176.233
DNS

ups.analytics.yahoo.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ups.analytics.yahoo.com

IN A

Response

ups.analytics.yahoo.com

IN CNAME

prod.ups-ats.aolp-ds-prd.aws.oath.cloud

prod.ups-ats.aolp-ds-prd.aws.oath.cloud

IN CNAME

prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud

prod.ups-ats.eu-central-1.aolp-ds-prd.aws.oath.cloud

IN CNAME

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

IN A

3.71.149.231

ats-eks.eu-central-1.dcs-online-targeting-prd.aws.oath.cloud

IN A

3.75.62.37
GET

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

34.111.129.221:443

Request

GET /cr?key=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: cr.frontend.weborama.fr
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58292/sync?_origin=1&uid=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58292/sync?_origin=1&uid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&verify=true

chrome.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58292/sync?_origin=1&uid=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&verify=true HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: A3=d=AQABBP8cFGYCEBWZdfDXluYD4sYZso0mJQcFEgEBAQFuFWYeZs50rXYB_eMAAA&S=AQAAArI6hTyUChLKJmw2zDecL94
GET

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&verify=true

chrome.exe

Remote address:

3.71.149.231:443

Request

GET /ups/58292/sync?_origin=1&uid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&verify=true HTTP/2.0
host: ups.analytics.yahoo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: A3=d=AQABBP8cFGYCEBWZdfDXluYD4sYZso0mJQcFEgEBAQFuFWYeZs50rXYB_eMAAA&S=AQAAArI6hTyUChLKJmw2zDecL94
DNS

image2.pubmatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

image2.pubmatic.com

IN A

Response

image2.pubmatic.com

IN CNAME

image2v2.pubmnet.com

image2v2.pubmnet.com

IN CNAME

pug-lhr-bc.pubmnet.com

pug-lhr-bc.pubmnet.com

IN A

185.64.191.210
DNS

233.226.220.67.in-addr.arpa

Remote address:

8.8.8.8:53

Request

233.226.220.67.in-addr.arpa

IN PTR

Response
DNS

210.191.64.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

210.191.64.185.in-addr.arpa

IN PTR

Response
DNS

221.129.111.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

221.129.111.34.in-addr.arpa

IN PTR

Response

221.129.111.34.in-addr.arpa

IN PTR

22112911134bcgoogleusercontentcom
DNS

207.200.215.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

207.200.215.52.in-addr.arpa

IN PTR

Response

207.200.215.52.in-addr.arpa

IN PTR

ec2-52-215-200-207 eu-west-1compute amazonawscom
DNS

84.52.49.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

84.52.49.52.in-addr.arpa

IN PTR

Response

84.52.49.52.in-addr.arpa

IN PTR

ec2-52-49-52-84 eu-west-1compute amazonawscom
DNS

198.40.223.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

198.40.223.52.in-addr.arpa

IN PTR

Response

198.40.223.52.in-addr.arpa

IN PTR

a6370ebea231e0c9aawsglobalacceleratorcom
DNS

186.62.91.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

186.62.91.34.in-addr.arpa

IN PTR

Response

186.62.91.34.in-addr.arpa

IN PTR

186629134bcgoogleusercontentcom
DNS

132.5.157.37.in-addr.arpa

Remote address:

8.8.8.8:53

Request

132.5.157.37.in-addr.arpa

IN PTR

Response
DNS

231.149.71.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

231.149.71.3.in-addr.arpa

IN PTR

Response

231.149.71.3.in-addr.arpa

IN PTR

ec2-3-71-149-231eu-central-1compute amazonawscom
DNS

image4.pubmatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

image4.pubmatic.com

IN A

Response

image4.pubmatic.com

IN CNAME

image4-v2.pubmnet.com

image4-v2.pubmnet.com

IN CNAME

spug-amsfpairbc.pubmnet.com

spug-amsfpairbc.pubmnet.com

IN A

198.47.127.20
GET

https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J4chG_RE2uUH8XjcvJN7Byycl7tUqLc-~A&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

198.47.127.20:443

Request

GET /AdServer/SPug?partnerID=156078&xid=y-J4chG_RE2uUH8XjcvJN7Byycl7tUqLc-~A&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: image4.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:15 GMT
set-cookie: SPugT=1712594175; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:15 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J4chG_RE2uUH8XjcvJN7Byycl7tUqLc-~A&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

198.47.127.20:443

Request

GET /AdServer/SPug?partnerID=156078&xid=y-J4chG_RE2uUH8XjcvJN7Byycl7tUqLc-~A&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: image4.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: PugT=1712594175
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:16 GMT
set-cookie: SPugT=1712594176; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:16 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.20:443

Request

GET /AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: simage4.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: pi=158936:2
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: PugT=1712594176
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:16 GMT
set-cookie: SPugT=1712594176; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:16 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.20:443

Request

GET /AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: simage4.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: chkChromeAb67Sec=1
cookie: DPSync3=1713744000%3A201_245_241_235
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: SyncRTB3=1713744000%3A21_56_251_71_220_13_54_3%7C1713830400%3A35%7C1713139200%3A223
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: PugT=1712594176
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:16 GMT
set-cookie: SPugT=1712594176; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:16 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.20:443

Request

GET /AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: simage4.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: SPugT=1712594176
cookie: chkChromeAb67Sec=2
cookie: pi=158936:4
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: SyncRTB3=1713139200%3A223_15_2%7C1713744000%3A8_251_233_22_71_220_13_54_3_266_46_21_56_55%7C1715126400%3A203%7C1713398400%3A63%7C1713830400%3A35
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: PugT=1712594207
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:47 GMT
set-cookie: SPugT=1712594207; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:47 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.20:443

Request

GET /AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: simage4.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: SPugT=1712594207
cookie: chkChromeAb67Sec=3
cookie: SyncRTB3=1713398400%3A63%7C1713744000%3A220_55_249_8_54_46_176_71_251_22_214_13_166_238_21_3_56_161_254_233_266_264_234_81%7C1713139200%3A2_15_223%7C1713830400%3A35%7C1715126400%3A203
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g
cookie: PugT=1712594210

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:36:51 GMT
set-cookie: SPugT=1712594211; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:36:51 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
GET

https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

chrome.exe

Remote address:

198.47.127.20:443

Request

GET /AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1--- HTTP/2.0
host: simage4.pubmatic.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: KADUSERCOOKIE=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
cookie: KRTBCOOKIE_57=22776-1598037658714274150&KRTB&23339-1598037658714274150
cookie: KRTBCOOKIE_80=22987-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23025-CAESEPCLHfxFPRQOOroR7wzbEdM&KRTB&23386-CAESEPCLHfxFPRQOOroR7wzbEdM
cookie: KRTBCOOKIE_377=6810-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22918-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&22926-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&KRTB&23031-c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea
cookie: KRTBCOOKIE_391=22924-3975872950728440512&KRTB&23263-3975872950728440512&KRTB&23481-3975872950728440512
cookie: DPSync3=1713744000%3A235_227_226_219_197_201_245_241
cookie: pi=158936:4
cookie: KRTBCOOKIE_153=1923-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&19420-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&22979-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri&KRTB&23462-3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri
cookie: KRTBCOOKIE_1101=23040-7355536101821839502&KRTB&23369-7355536101821839502
cookie: KRTBCOOKIE_466=16530-7b97560b-443e-4085-8d78-fa4268abdc5d
cookie: KRTBCOOKIE_860=16335-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23334-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23417-oDHTg3vfVxNfj2Iimit6yL9l0Sc&KRTB&23426-oDHTg3vfVxNfj2Iimit6yL9l0Sc
cookie: KRTBCOOKIE_18=22947-2938864279918275978
cookie: KRTBCOOKIE_632=23041-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23047-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23234-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&KRTB&23361-VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA
cookie: KRTBCOOKIE_188=3189-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&KRTB&23418-c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553
cookie: KRTBCOOKIE_32=11175-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22713-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&22715-AAAIMYyCsDgzHAN6TlRBAAAAAAA&KRTB&23519-AAAIMYyCsDgzHAN6TlRBAAAAAAA
cookie: KRTBCOOKIE_22=14911-7263111511922957154&KRTB&23150-7263111511922957154&KRTB&23527-7263111511922957154
cookie: KRTBCOOKIE_1323=23480-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23485-OPU70bef5913bdb49f5981b668b6a30356a&KRTB&23575-OPU70bef5913bdb49f5981b668b6a30356a
cookie: KRTBCOOKIE_336=5844-2554565571426866805
cookie: KRTBCOOKIE_1277=23327-37883803181144&KRTB&23357-37883803181144
cookie: KRTBCOOKIE_699=22727-AAGz0E7MKDoAABXnInPt6g
cookie: SPugT=1712594211
cookie: chkChromeAb67Sec=4
cookie: SyncRTB3=1717718400%3A69%7C1713398400%3A63%7C1713830400%3A35%7C1715126400%3A203%7C1713744000%3A251_176_214_266_234_243_165_71_13_3_161_55_249_166_238_56_21_254_264_81_88_220_8_54_46_22_233_99%7C1713139200%3A2_223_15
cookie: KRTBCOOKIE_1003=22761-428af14e-f5c6-11ee-a000-e28a488a8b00&KRTB&23275-428af14e-f5c6-11ee-a000-e28a488a8b00
cookie: KRTBCOOKIE_594=17105-RX-bf21b128-10ea-4bea-b586-f21a606463ba-003&KRTB&17107-RX-bf21b128-10ea-4bea-b586-f21a606463ba-003
cookie: KRTBCOOKIE_409=22966-tk2EoAPtRSWXMnUYRWgUXRTa
cookie: PugT=1712594237

Response

HTTP/2.0 200

server: nginx
date: Mon, 08 Apr 2024 16:37:18 GMT
set-cookie: SPugT=1712594238; domain=pubmatic.com; SameSite=None; secure; expires=Wed, 08-May-2024 16:37:18 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
DNS

idsync.frontend.weborama.fr

chrome.exe

Remote address:

8.8.8.8:53

Request

idsync.frontend.weborama.fr

IN A

Response

idsync.frontend.weborama.fr

IN A

34.111.131.239
GET

https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9655CB93-E9CA-4AF8-A1D5-5834E2E93909

chrome.exe

Remote address:

34.111.131.239:443

Request

GET /ids?key=pubmatic&value=9655CB93-E9CA-4AF8-A1D5-5834E2E93909 HTTP/2.0
host: idsync.frontend.weborama.fr
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AFFICHE_W=uFXSg7ZnbAe428
DNS

simage4.pubmatic.com

chrome.exe

Remote address:

8.8.8.8:53

Request

simage4.pubmatic.com

IN A

Response

simage4.pubmatic.com

IN CNAME

image4-v2.pubmnet.com

image4-v2.pubmnet.com

IN CNAME

spug-amsfpairbc.pubmnet.com

spug-amsfpairbc.pubmnet.com

IN A

198.47.127.20
DNS

239.131.111.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

239.131.111.34.in-addr.arpa

IN PTR

Response

239.131.111.34.in-addr.arpa

IN PTR

23913111134bcgoogleusercontentcom
DNS

20.127.47.198.in-addr.arpa

Remote address:

8.8.8.8:53

Request

20.127.47.198.in-addr.arpa

IN PTR

Response
DNS

86.23.85.13.in-addr.arpa

Remote address:

8.8.8.8:53

Request

86.23.85.13.in-addr.arpa

IN PTR

Response
DNS

56.126.166.20.in-addr.arpa

Remote address:

8.8.8.8:53

Request

56.126.166.20.in-addr.arpa

IN PTR

Response
DNS

ade.googlesyndication.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ade.googlesyndication.com

IN A

Response

ade.googlesyndication.com

IN A

142.250.200.34
DNS

cms.quantserve.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cms.quantserve.com

IN A

Response

cms.quantserve.com

IN CNAME

2kpixel.quantserve.com

2kpixel.quantserve.com

IN CNAME

global.px.quantserve.com

global.px.quantserve.com

IN A

91.228.74.244

global.px.quantserve.com

IN A

91.228.74.206

global.px.quantserve.com

IN A

91.228.74.208

global.px.quantserve.com

IN A

91.228.74.200

global.px.quantserve.com

IN A

91.228.74.251

global.px.quantserve.com

IN A

91.228.74.159

global.px.quantserve.com

IN A

91.228.74.166

global.px.quantserve.com

IN A

91.228.74.168
DNS

pm.w55c.net

chrome.exe

Remote address:

8.8.8.8:53

Request

pm.w55c.net

IN A

Response

pm.w55c.net

IN CNAME

cdn.w55c.net

cdn.w55c.net

IN A

3.248.140.44

cdn.w55c.net

IN A

52.16.176.188

cdn.w55c.net

IN A

52.18.90.0
DNS

x.bidswitch.net

chrome.exe

Remote address:

8.8.8.8:53

Request

x.bidswitch.net

IN A

Response

x.bidswitch.net

IN CNAME

user-data-eu.bidswitch.net

user-data-eu.bidswitch.net

IN A

35.214.149.91
DNS

sync.srv.stackadapt.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sync.srv.stackadapt.com

IN A

Response

sync.srv.stackadapt.com

IN A

54.172.158.143

sync.srv.stackadapt.com

IN A

54.159.174.96

sync.srv.stackadapt.com

IN A

54.145.153.101

sync.srv.stackadapt.com

IN A

54.164.17.132

sync.srv.stackadapt.com

IN A

54.145.45.250

sync.srv.stackadapt.com

IN A

54.197.158.229

sync.srv.stackadapt.com

IN A

54.158.42.6

sync.srv.stackadapt.com

IN A

54.144.230.52
DNS

a.rfihub.com

chrome.exe

Remote address:

8.8.8.8:53

Request

a.rfihub.com

IN A

Response

a.rfihub.com

IN CNAME

a.rfihub.com.akadns.net

a.rfihub.com.akadns.net

IN CNAME

a-emea.rfihub.com.akadns.net

a-emea.rfihub.com.akadns.net

IN A

193.0.160.130
DNS

sync-dmp.aura-dsp.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sync-dmp.aura-dsp.com

IN A

Response
DNS

gtrace.mediago.io

chrome.exe

Remote address:

8.8.8.8:53

Request

gtrace.mediago.io

IN A

Response

gtrace.mediago.io

IN A

35.214.168.80
GET

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmR7AuIFu6M7BAQzjWShRKJil3Pa7rAi1vITz0YJmZGb_J3Jh-YzzYubI9-JZoN66HP5-klE3QDt2Mb1SfDjrk5gML38z6-HzSfm

chrome.exe

Remote address:

35.214.168.80:443

Request

GET /ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmR7AuIFu6M7BAQzjWShRKJil3Pa7rAi1vITz0YJmZGb_J3Jh-YzzYubI9-JZoN66HP5-klE3QDt2Mb1SfDjrk5gML38z6-HzSfm HTTP/2.0
host: gtrace.mediago.io
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmRv0EMVC6-Ce3VNemRyppsUyuhiRLjBlHR8RTTTShWp6XtLTil3DC_bQtyg2odE71Muv-fwnNBMpYaUtACDSOjEn6_lpocCEjI

chrome.exe

Remote address:

35.214.168.80:443

Request

GET /ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmRv0EMVC6-Ce3VNemRyppsUyuhiRLjBlHR8RTTTShWp6XtLTil3DC_bQtyg2odE71Muv-fwnNBMpYaUtACDSOjEn6_lpocCEjI HTTP/2.0
host: gtrace.mediago.io
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmRRsy6i4zndN5VnV7PlOkJ34KHGh0aQM_d5QCliJ3_oWc0rSGbwbAS_FiekYH2UZrZonDIQoIms2ND84VquHO2BTXiTlGBDO0c

chrome.exe

Remote address:

35.214.168.80:443

Request

GET /ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmRRsy6i4zndN5VnV7PlOkJ34KHGh0aQM_d5QCliJ3_oWc0rSGbwbAS_FiekYH2UZrZonDIQoIms2ND84VquHO2BTXiTlGBDO0c HTTP/2.0
host: gtrace.mediago.io
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: __mguid_=acff52a12093a79b2wr0ei00lur6czcm
DNS

creativecdn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

creativecdn.com

IN A

Response

creativecdn.com

IN A

185.184.8.90
GET

https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEJsjPJCfnDgEE49hR7VIvfE&google_cver=1&google_push=AXcoOmT_CH3RfodRWwe8w_9nhBPI_rWCuybB7vxXi-JVEMqko5OZE8BIciHjfli73R6hlljY7PzNa1CcGvHne2wWtudyK5Za2g2AlA

chrome.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEJsjPJCfnDgEE49hR7VIvfE&google_cver=1&google_push=AXcoOmT_CH3RfodRWwe8w_9nhBPI_rWCuybB7vxXi-JVEMqko5OZE8BIciHjfli73R6hlljY7PzNa1CcGvHne2wWtudyK5Za2g2AlA HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Mon, 08 Apr 2024 16:36:26 GMT
vary: Accept-Encoding
set-cookie: g=VQMF0lP5XVi0b4qUuL7h_1712594186336;Path=/;Domain=.creativecdn.com;Expires=Tue, 08-Apr-2025 16:36:26 GMT;Max-Age=31536000;Secure;SameSite=None
set-cookie: ts=1712594186;Path=/;Domain=.creativecdn.com;Expires=Tue, 08-Apr-2025 16:36:26 GMT;Max-Age=31536000;Secure;SameSite=None;Partitioned
expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
location: https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEJsjPJCfnDgEE49hR7VIvfE&google_cver=1&google_push=AXcoOmT_CH3RfodRWwe8w_9nhBPI_rWCuybB7vxXi-JVEMqko5OZE8BIciHjfli73R6hlljY7PzNa1CcGvHne2wWtudyK5Za2g2AlA&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Mon, 08 Apr 2024 16:36:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEJsjPJCfnDgEE49hR7VIvfE&google_cver=1&google_push=AXcoOmT_CH3RfodRWwe8w_9nhBPI_rWCuybB7vxXi-JVEMqko5OZE8BIciHjfli73R6hlljY7PzNa1CcGvHne2wWtudyK5Za2g2AlA&tc=1

chrome.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEJsjPJCfnDgEE49hR7VIvfE&google_cver=1&google_push=AXcoOmT_CH3RfodRWwe8w_9nhBPI_rWCuybB7vxXi-JVEMqko5OZE8BIciHjfli73R6hlljY7PzNa1CcGvHne2wWtudyK5Za2g2AlA&tc=1 HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: g=VQMF0lP5XVi0b4qUuL7h_1712594186336
cookie: ts=1712594186

Response

HTTP/2.0 302

date: Mon, 08 Apr 2024 16:36:26 GMT
vary: Accept-Encoding
location: https://cm.g.doubleclick.net/pixel?google_ula=5153224&google_hm=VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&pi=adx&tdc=ams&pi=adxab&google_nid=rtb_house&google_gid=CAESEJsjPJCfnDgEE49hR7VIvfE&google_cver=1&google_push=AXcoOmT_CH3RfodRWwe8w_9nhBPI_rWCuybB7vxXi-JVEMqko5OZE8BIciHjfli73R6hlljY7PzNa1CcGvHne2wWtudyK5Za2g2AlA&tc=1
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Mon, 08 Apr 2024 16:36:26 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
GET

https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

185.184.8.90:443

Request

GET /cm-notify?pi=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: creativecdn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: g=VQMF0lP5XVi0b4qUuL7h_1712594186336
cookie: ts=1712594186

Response

HTTP/2.0 302

date: Mon, 08 Apr 2024 16:36:46 GMT
vary: Accept-Encoding
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&pi=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
cache-control: no-cache, no-store, must-revalidate, private, max-age=0
pragma: no-cache
date: Mon, 08 Apr 2024 16:36:46 GMT
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 0
DNS

dsp.adkernel.com

chrome.exe

Remote address:

8.8.8.8:53

Request

dsp.adkernel.com

IN A

Response

dsp.adkernel.com

IN A

174.137.133.49
DNS

91.149.214.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

91.149.214.35.in-addr.arpa

IN PTR

Response

91.149.214.35.in-addr.arpa

IN PTR

9114921435bcgoogleusercontentcom
DNS

130.160.0.193.in-addr.arpa

Remote address:

8.8.8.8:53

Request

130.160.0.193.in-addr.arpa

IN PTR

Response
DNS

44.140.248.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

44.140.248.3.in-addr.arpa

IN PTR

Response

44.140.248.3.in-addr.arpa

IN PTR

ec2-3-248-140-44 eu-west-1compute amazonawscom
DNS

80.168.214.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.168.214.35.in-addr.arpa

IN PTR

Response

80.168.214.35.in-addr.arpa

IN PTR

8016821435bcgoogleusercontentcom
DNS

80.168.214.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.168.214.35.in-addr.arpa

IN PTR

Response

80.168.214.35.in-addr.arpa

IN PTR

8016821435bcgoogleusercontentcom
DNS

244.74.228.91.in-addr.arpa

Remote address:

8.8.8.8:53

Request

244.74.228.91.in-addr.arpa

IN PTR

Response
DNS

143.158.172.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

143.158.172.54.in-addr.arpa

IN PTR

Response

143.158.172.54.in-addr.arpa

IN PTR

ec2-54-172-158-143 compute-1 amazonawscom
DNS

90.8.184.185.in-addr.arpa

Remote address:

8.8.8.8:53

Request

90.8.184.185.in-addr.arpa

IN PTR

Response

90.8.184.185.in-addr.arpa

IN PTR

ip-185-184-8-90rtbhousenet
DNS

49.133.137.174.in-addr.arpa

Remote address:

8.8.8.8:53

Request

49.133.137.174.in-addr.arpa

IN PTR

Response
DNS

dclk-match.dotomi.com

chrome.exe

Remote address:

8.8.8.8:53

Request

dclk-match.dotomi.com

IN A

Response

dclk-match.dotomi.com

IN CNAME

bfp.global.dual.dotomi.weighted.com.akadns.net

bfp.global.dual.dotomi.weighted.com.akadns.net

IN A

89.207.16.140
GET

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQF4Wf_aaAADLx3mcpS5_bjVnJY5wZI_dFURVlcdRi1DLkvwDdcf0Z-caiKefm_4PrSNmGdOfiXeB0DQeExlpLQimQXLU12wg&google_gid=CAESEA0Z0RB1HlQKYEzKPTiRswE&google_cver=1

chrome.exe

Remote address:

178.250.1.9:443

Request

GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQF4Wf_aaAADLx3mcpS5_bjVnJY5wZI_dFURVlcdRi1DLkvwDdcf0Z-caiKefm_4PrSNmGdOfiXeB0DQeExlpLQimQXLU12wg&google_gid=CAESEA0Z0RB1HlQKYEzKPTiRswE&google_cver=1 HTTP/2.0
host: dis.criteo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=c5cbe1c4-69e2-4c42-a082-bee5afed4bac

Response

HTTP/2.0 302

content-length: 0
date: Mon, 08 Apr 2024 16:36:30 GMT
server: Kestrel
cache-control: no-cache
expires: Mon, 08 Apr 2024 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-_PZ6iUFFMU7_kkEc9mqywUo13-OTOkpLAz0mtw&google_push=AXcoOmQF4Wf_aaAADLx3mcpS5_bjVnJY5wZI_dFURVlcdRi1DLkvwDdcf0Z-caiKefm_4PrSNmGdOfiXeB0DQeExlpLQimQXLU12wg
pragma: no-cache
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 886985
strict-transport-security: max-age=31536000; preload;
GET

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR2CzCwkFGMDmeg59GqDB_qjitdCrUPdKtRxepBjPHEB0OtKtmP5I4WscQJWgoEnGbZwG9yLg5RAjg_VVKZx_2RkJie0Ssm9A&google_gid=CAESEA0Z0RB1HlQKYEzKPTiRswE&google_cver=1

chrome.exe

Remote address:

178.250.1.9:443

Request

GET /dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR2CzCwkFGMDmeg59GqDB_qjitdCrUPdKtRxepBjPHEB0OtKtmP5I4WscQJWgoEnGbZwG9yLg5RAjg_VVKZx_2RkJie0Ssm9A&google_gid=CAESEA0Z0RB1HlQKYEzKPTiRswE&google_cver=1 HTTP/2.0
host: dis.criteo.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=c5cbe1c4-69e2-4c42-a082-bee5afed4bac

Response

HTTP/2.0 302

content-length: 0
date: Mon, 08 Apr 2024 16:36:31 GMT
server: Kestrel
cache-control: no-cache
expires: Mon, 08 Apr 2024 00:00:00 GMT
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_hm=k-_PZ6iUFFMU7_kkEc9mqywUo13-OTOkpLAz0mtw&google_push=AXcoOmR2CzCwkFGMDmeg59GqDB_qjitdCrUPdKtRxepBjPHEB0OtKtmP5I4WscQJWgoEnGbZwG9yLg5RAjg_VVKZx_2RkJie0Ssm9A
pragma: no-cache
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 826858
strict-transport-security: max-age=31536000; preload;
DNS

tr.blismedia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

tr.blismedia.com

IN A

Response

tr.blismedia.com

IN A

34.96.105.8
DNS

onetag-sys.com

chrome.exe

Remote address:

8.8.8.8:53

Request

onetag-sys.com

IN A

Response

onetag-sys.com

IN A

51.89.9.252

onetag-sys.com

IN A

51.89.9.254

onetag-sys.com

IN A

51.38.120.206

onetag-sys.com

IN A

51.89.9.253

onetag-sys.com

IN A

51.89.9.251

onetag-sys.com

IN A

51.75.86.98
GET

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC5zVKccELJQGsJ-qrczmsI&google_cver=1&google_push=AXcoOmTSBG_2esGAAj-5hBCAAhLzFRvvlTSNk2gF1Ct2pXqSgHeH3W9rW1Uv65_zOEGhPRswjHIOcYN4wiVEJitiI1qGaGG23fI9e3I

chrome.exe

Remote address:

34.96.105.8:443

Request

GET /v1/api/sync/AdxPixel?google_gid=CAESEC5zVKccELJQGsJ-qrczmsI&google_cver=1&google_push=AXcoOmTSBG_2esGAAj-5hBCAAhLzFRvvlTSNk2gF1Ct2pXqSgHeH3W9rW1Uv65_zOEGhPRswjHIOcYN4wiVEJitiI1qGaGG23fI9e3I HTTP/2.0
host: tr.blismedia.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKjQ40e9Bh9934kHs_h3PR8&google_cver=1&google_push=AXcoOmTyTtSMJF9lAHgnT6muj_vGHhy16O9kHho9bJ3uifpKS7jW3dfHgkvs5vxVLGWNMOpjOwNwmfHDEImX6ob4vB-NWlvmRI3NfCs

chrome.exe

Remote address:

51.89.9.252:443

Request

GET /match/?int_id=19&redir=1&google_gid=CAESEKjQ40e9Bh9934kHs_h3PR8&google_cver=1&google_push=AXcoOmTyTtSMJF9lAHgnT6muj_vGHhy16O9kHho9bJ3uifpKS7jW3dfHgkvs5vxVLGWNMOpjOwNwmfHDEImX6ob4vB-NWlvmRI3NfCs HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmTyTtSMJF9lAHgnT6muj_vGHhy16O9kHho9bJ3uifpKS7jW3dfHgkvs5vxVLGWNMOpjOwNwmfHDEImX6ob4vB-NWlvmRI3NfCs
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
GET

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKjQ40e9Bh9934kHs_h3PR8&google_cver=1&google_push=AXcoOmSumd0sbJa8kZUhyGWvt4gEMYtjLq11FM_iUFPwgWVaPMwDtjrVdd-ooHqWjJ8ziwmVryfOebR20qVSWS0P8aMgVAe7iXX_bw

chrome.exe

Remote address:

51.89.9.252:443

Request

GET /match/?int_id=19&redir=1&google_gid=CAESEKjQ40e9Bh9934kHs_h3PR8&google_cver=1&google_push=AXcoOmSumd0sbJa8kZUhyGWvt4gEMYtjLq11FM_iUFPwgWVaPMwDtjrVdd-ooHqWjJ8ziwmVryfOebR20qVSWS0P8aMgVAe7iXX_bw HTTP/2.0
host: onetag-sys.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
location: https://cm.g.doubleclick.net/pixel?google_nid=one_tag&google_hm=&google_push=AXcoOmSumd0sbJa8kZUhyGWvt4gEMYtjLq11FM_iUFPwgWVaPMwDtjrVdd-ooHqWjJ8ziwmVryfOebR20qVSWS0P8aMgVAe7iXX_bw
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
DNS

8.105.96.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.105.96.34.in-addr.arpa

IN PTR

Response

8.105.96.34.in-addr.arpa

IN PTR

81059634bcgoogleusercontentcom
DNS

140.16.207.89.in-addr.arpa

Remote address:

8.8.8.8:53

Request

140.16.207.89.in-addr.arpa

IN PTR

Response

140.16.207.89.in-addr.arpa

IN PTR

ams03-nessy-float2dotomicom
DNS

252.9.89.51.in-addr.arpa

Remote address:

8.8.8.8:53

Request

252.9.89.51.in-addr.arpa

IN PTR

Response

252.9.89.51.in-addr.arpa

IN PTR

ip252 ip-51-89-9eu
DNS

ad.turn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ad.turn.com

IN A

Response

ad.turn.com

IN CNAME

ad.turn.com.akadns.net

ad.turn.com.akadns.net

IN A

46.228.164.11
DNS

a.tribalfusion.com

chrome.exe

Remote address:

8.8.8.8:53

Request

a.tribalfusion.com

IN A

Response

a.tribalfusion.com

IN A

104.18.25.173

a.tribalfusion.com

IN A

104.18.24.173
DNS

b1sync.zemanta.com

chrome.exe

Remote address:

8.8.8.8:53

Request

b1sync.zemanta.com

IN A

Response

b1sync.zemanta.com

IN CNAME

b1-use1.zemanta.com

b1-use1.zemanta.com

IN CNAME

zemanta-nychi2.outbrain.org

zemanta-nychi2.outbrain.org

IN CNAME

chidc2.outbrain.org

chidc2.outbrain.org

IN A

50.31.142.255
GET

https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK_hn3jfmVrf60JN03kV63Q&google_cver=1&google_push=AXcoOmTbGdh2NZIdJoMRSbMFgfIjjecL9vLUHjXrnHsYRrC02BHJ415q7Y546QP0gbRbRm5McgHU7vC3orS--gRVHaFmyX8hU-xhmg

chrome.exe

Remote address:

46.228.164.11:443

Request

GET /r/cs?pid=3&google_gid=CAESEK_hn3jfmVrf60JN03kV63Q&google_cver=1&google_push=AXcoOmTbGdh2NZIdJoMRSbMFgfIjjecL9vLUHjXrnHsYRrC02BHJ415q7Y546QP0gbRbRm5McgHU7vC3orS--gRVHaFmyX8hU-xhmg HTTP/2.0
host: ad.turn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7263111511922957154; Domain=.turn.com; Expires=Sat, 05-Oct-2024 16:36:31 GMT; Path=/; Secure; SameSite=None
location: https://cm.g.doubleclick.net/pixel?google_nid=turn1&google_cm&google_sc&google_hm=NzI2MzExMTUxMTkyMjk1NzE1NA==&gdpr=&gdpr_consent=&process_consent=T
content-length: 0
date: Mon, 08 Apr 2024 16:36:30 GMT
GET

https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK_hn3jfmVrf60JN03kV63Q&google_cver=1

chrome.exe

Remote address:

46.228.164.11:443

Request

GET /r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK_hn3jfmVrf60JN03kV63Q&google_cver=1 HTTP/2.0
host: r.turn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=7263111511922957154

Response

HTTP/2.0 200

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7263111511922957154; Domain=.turn.com; Expires=Sat, 05-Oct-2024 16:36:31 GMT; Path=/; Secure; SameSite=None
content-type: image/gif
content-length: 43
date: Mon, 08 Apr 2024 16:36:31 GMT
GET

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

chrome.exe

Remote address:

104.18.25.173:443

Request

GET /i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/2.0
host: a.tribalfusion.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Mon, 08 Apr 2024 16:36:31 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 891
cache-control: no-cache
cache-control: private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aonoeUq0I1v9yNycPftVc659vn2S74wTS06TVKnt; path=/; domain=.tribalfusion.com; expires=Sun, 07-Jul-2024 16:36:31 GMT; SameSite=None; Secure;
set-cookie: ANON_ID_old=aonoeUq0I1v9yNycPftVc659vn2S74wTS06TVKnt; path=/; domain=.tribalfusion.com; expires=Sun, 07-Jul-2024 16:36:31 GMT;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8713ad412d3093dd-LHR
alt-svc: h3=":443"; ma=86400
GET

https://a.tribalfusion.com/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

chrome.exe

Remote address:

104.18.25.173:443

Request

GET /i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/2.0
host: a.tribalfusion.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

date: Mon, 08 Apr 2024 16:36:31 GMT
content-type: text/html
location: https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 904
cache-control: no-cache
cache-control: private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=adnoeUuyTYTBErvcXsr9xTVpUZb2tvFtbSX6TV9AZb; path=/; domain=.tribalfusion.com; expires=Sun, 07-Jul-2024 16:36:31 GMT; SameSite=None; Secure;
set-cookie: ANON_ID_old=adnoeUuyTYTBErvcXsr9xTVpUZb2tvFtbSX6TV9AZb; path=/; domain=.tribalfusion.com; expires=Sun, 07-Jul-2024 16:36:31 GMT;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8713ad423e8a93dd-LHR
alt-svc: h3=":443"; ma=86400
GET

https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

chrome.exe

Remote address:

104.18.25.173:443

Request

GET /z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/2.0
host: s.tribalfusion.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ANON_ID=aonoeUq0I1v9yNycPftVc659vn2S74wTS06TVKnt

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:31 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache
cache-control: private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=aontmIq0I1f9yNy6PgmFpQHRq0qd7pMNxtNOH1yNCJHx19hjZblIb50XteXpkZbuDMH0GPYHtmPf1DuZa1TZbTZbSJ6oG; path=/; domain=.tribalfusion.com; expires=Sun, 07-Jul-2024 16:36:31 GMT; SameSite=None; Secure;
set-cookie: ANON_ID_old=aontmIq0I1f9yNy6PgmFpQHRq0qd7pMNxtNOH1yNCJHx19hjZblIb50XteXpkZbuDMH0GPYHtmPf1DuZa1TZbTZbSJ6oG; path=/; domain=.tribalfusion.com; expires=Sun, 07-Jul-2024 16:36:31 GMT;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8713ad42cf3c93dd-LHR
alt-svc: h3=":443"; ma=86400
GET

https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

chrome.exe

Remote address:

104.18.25.173:443

Request

GET /z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24 HTTP/2.0
host: s.tribalfusion.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://pagead2.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: ANON_ID=adnoeUuyTYTBErvcXsr9xTVpUZb2tvFtbSX6TV9AZb

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:32 GMT
content-type: image/gif; charset=utf-8
content-length: 43
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache
cache-control: private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
set-cookie: ANON_ID=apntXLRkP6i6eCno6nTrsgeEXIVArmZcjxfv5sbRYdMfkONi3J5FbSbW97gOZbkkCoZcK9vIA9ZdijudUe3Qxm2mUZcTxpFhe; path=/; domain=.tribalfusion.com; expires=Sun, 07-Jul-2024 16:36:32 GMT; SameSite=None; Secure;
set-cookie: ANON_ID_old=apntXLRkP6i6eCno6nTrsgeEXIVArmZcjxfv5sbRYdMfkONi3J5FbSbW97gOZbkkCoZcK9vIA9ZdijudUe3Qxm2mUZcTxpFhe; path=/; domain=.tribalfusion.com; expires=Sun, 07-Jul-2024 16:36:32 GMT;
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 8713ad43984193dd-LHR
alt-svc: h3=":443"; ma=86400
DNS

r.turn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

r.turn.com

IN A

Response

r.turn.com

IN CNAME

r.turn.com.akadns.net

r.turn.com.akadns.net

IN A

46.228.164.11
DNS

s.tribalfusion.com

chrome.exe

Remote address:

8.8.8.8:53

Request

s.tribalfusion.com

IN A

Response

s.tribalfusion.com

IN A

104.18.24.173

s.tribalfusion.com

IN A

104.18.25.173
DNS

11.164.228.46.in-addr.arpa

Remote address:

8.8.8.8:53

Request

11.164.228.46.in-addr.arpa

IN PTR

Response

11.164.228.46.in-addr.arpa

IN PTR

presentation-ams1turncom
DNS

173.25.18.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.25.18.104.in-addr.arpa

IN PTR

Response
DNS

255.142.31.50.in-addr.arpa

Remote address:

8.8.8.8:53

Request

255.142.31.50.in-addr.arpa

IN PTR

Response

255.142.31.50.in-addr.arpa

IN PTR

chioutbraincom
DNS

k-storage.com

chrome.exe

Remote address:

8.8.8.8:53

Request

k-storage.com

IN A

Response

k-storage.com

IN A

104.21.49.80

k-storage.com

IN A

172.67.160.107
GET

https://k-storage.com/uwp/Krnl.exe

chrome.exe

Remote address:

104.21.49.80:443

Request

GET /uwp/Krnl.exe HTTP/2.0
host: k-storage.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
purpose: prefetch
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://krnl.vip/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 521

date: Mon, 08 Apr 2024 16:36:36 GMT
content-type: text/html; charset=UTF-8
content-length: 6819
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=e0FH9SJpqqTqFgN7Z%2F%2Fvgb0JDyISc7UP2l%2FSClqoblAOCMybdv4ix2MUQ1oFNru%2BCW6FLLq3lxBvHuPsU71aj7YcyM0Z5SJ9vnkXkY4xLAIaaNgKM2HG%2F0y%2Bo0SI%2FjFf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-frame-options: SAMEORIGIN
referrer-policy: same-origin
cache-control: private, max-age=0, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 01 Jan 1970 00:00:01 GMT
server: cloudflare
cf-ray: 8713ad5d8b629409-LHR
alt-svc: h3=":443"; ma=86400
DNS

80.49.21.104.in-addr.arpa

Remote address:

8.8.8.8:53

Request

80.49.21.104.in-addr.arpa

IN PTR

Response
DNS

sync-dmp.aura-dsp.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sync-dmp.aura-dsp.com

IN A

Response
DNS

sonata-notifications.taptapnetworks.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sonata-notifications.taptapnetworks.com

IN A

Response

sonata-notifications.taptapnetworks.com

IN A

18.158.116.115

sonata-notifications.taptapnetworks.com

IN A

35.156.202.1
DNS

dsp.adfarm1.adition.com

chrome.exe

Remote address:

8.8.8.8:53

Request

dsp.adfarm1.adition.com

IN A

Response

dsp.adfarm1.adition.com

IN A

85.114.159.118

dsp.adfarm1.adition.com

IN A

85.114.159.93
DNS

p.rfihub.com

chrome.exe

Remote address:

8.8.8.8:53

Request

p.rfihub.com

IN A

Response

p.rfihub.com

IN CNAME

a.rfihub.com

a.rfihub.com

IN CNAME

a.rfihub.com.akadns.net

a.rfihub.com.akadns.net

IN CNAME

a-emea.rfihub.com.akadns.net

a-emea.rfihub.com.akadns.net

IN A

193.0.160.130
DNS

sync-tm.everesttech.net

chrome.exe

Remote address:

8.8.8.8:53

Request

sync-tm.everesttech.net

IN A

Response

sync-tm.everesttech.net

IN CNAME

sync.tubemogul.com

sync.tubemogul.com

IN CNAME

syncf.tubemogul.com

syncf.tubemogul.com

IN CNAME

h2.shared.global.fastly.net

h2.shared.global.fastly.net

IN A

151.101.2.49

h2.shared.global.fastly.net

IN A

151.101.66.49

h2.shared.global.fastly.net

IN A

151.101.130.49

h2.shared.global.fastly.net

IN A

151.101.194.49
DNS

mwzeom.zeotap.com

chrome.exe

Remote address:

8.8.8.8:53

Request

mwzeom.zeotap.com

IN A

Response

mwzeom.zeotap.com

IN A

172.67.40.173

mwzeom.zeotap.com

IN A

104.22.50.98

mwzeom.zeotap.com

IN A

104.22.51.98
DNS

uipglob.semasio.net

chrome.exe

Remote address:

8.8.8.8:53

Request

uipglob.semasio.net

IN A

Response

uipglob.semasio.net

IN CNAME

uipglob.trafficmanager.net

uipglob.trafficmanager.net

IN CNAME

uip.semasio.net

uip.semasio.net

IN A

77.243.51.121

uip.semasio.net

IN A

77.243.51.122
GET

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&sInitiator=external&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

77.243.51.121:443

Request

GET /pubmatic/1/info?sType=sync&sExtCookieId=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&sInitiator=external&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: uipglob.semasio.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

location: /pubmatic/1/info2?sType=sync&sExtCookieId=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&sInitiator=external&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
uip-response-status: Ok
frontend-id: 6
set-cookie: SEUNCY=20ACE639B371E0F6; Expires=Tue, 08 Apr 2025 16:36:45 GMT; Path=/; Domain=.semasio.net; SameSite=None; HttpOnly; Secure
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sat, 01 Jan 2011 12:00:00 GMT
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
pragma: no-cache
date: Mon, 08 Apr 2024 16:36:45 GMT
content-length: 0
routing-server-id: -1
access-control-allow-origin: *
GET

https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&sInitiator=external&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

77.243.51.121:443

Request

GET /pubmatic/1/info2?sType=sync&sExtCookieId=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&sInitiator=external&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: uipglob.semasio.net
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: SEUNCY=20ACE639B371E0F6

Response

HTTP/1.1 200 OK

content-type: image/gif
uip-response-status: Ok
frontend-id: 2
set-cookie: SEUNCY=20ACE639B371E0F6; Expires=Tue, 08 Apr 2025 16:36:45 GMT; Path=/; Domain=.semasio.net; SameSite=None; HttpOnly; Secure
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Sat, 01 Jan 2011 12:00:00 GMT
p3p: policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
pragma: no-cache
date: Mon, 08 Apr 2024 16:36:45 GMT
content-length: 42
routing-server-id: -1
access-control-allow-origin: *
GET

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&cid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909

chrome.exe

Remote address:

172.67.40.173:443

Request

GET /mw?zpartnerid=1384&env=mWeb&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&cid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909 HTTP/2.0
host: mwzeom.zeotap.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:36:46 GMT
content-type: image/png
content-length: 95
access-control-allow-credentials: true
access-control-allow-headers: *
access-control-allow-origin: https://ads.pubmatic.com
set-cookie: zc=4558b137-3cfd-40a3-603f-12d26dc44ee4; Path=/; Domain=.zeotap.com; Max-Age=31536000; SameSite=None; Secure
vary: Origin
via: 1.1 google
cf-cache-status: DYNAMIC
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 8713ad9b8dfb71cf-LHR
DNS

pixel.onaudience.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pixel.onaudience.com

IN A

Response

pixel.onaudience.com

IN A

15.235.15.221

pixel.onaudience.com

IN A

141.94.171.213

pixel.onaudience.com

IN A

141.94.171.212

pixel.onaudience.com

IN A

141.94.171.216

pixel.onaudience.com

IN A

141.94.170.77

pixel.onaudience.com

IN A

51.222.80.231

pixel.onaudience.com

IN A

141.94.170.64

pixel.onaudience.com

IN A

141.94.171.214

pixel.onaudience.com

IN A

141.94.171.215

pixel.onaudience.com

IN A

146.59.148.16
GET

https://pixel.onaudience.com/?partner=214&mapped=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

15.235.15.221:443

Request

GET /?partner=214&mapped=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: pixel.onaudience.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

set-cookie: cookie=9842fe6394a62970; Max-Age=31536000; Expires=Tue, 8 Apr 2025 16:36:46 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
set-cookie: done_redirects162=1; Max-Age=86400; Expires=Tue, 9 Apr 2024 16:36:46 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m
content-length: 0
GET

https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m

chrome.exe

Remote address:

15.235.15.221:443

Request

GET /?partner=162&icm&cver&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m HTTP/1.1
Host: pixel.onaudience.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: cookie=9842fe6394a62970; done_redirects162=1

Response

HTTP/1.1 302 Found

set-cookie: cookie=9842fe6394a62970; Max-Age=31536000; Expires=Tue, 8 Apr 2025 16:36:46 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&pid=dn5h51u&t=gif&uid=6c7d715cc5e6a2eb
content-length: 0
DNS

118.159.114.85.in-addr.arpa

Remote address:

8.8.8.8:53

Request

118.159.114.85.in-addr.arpa

IN PTR

Response

118.159.114.85.in-addr.arpa

IN PTR

dspadfarm1aditioncom
DNS

115.116.158.18.in-addr.arpa

Remote address:

8.8.8.8:53

Request

115.116.158.18.in-addr.arpa

IN PTR

Response

115.116.158.18.in-addr.arpa

IN PTR

ec2-18-158-116-115eu-central-1compute amazonawscom
DNS

49.2.101.151.in-addr.arpa

Remote address:

8.8.8.8:53

Request

49.2.101.151.in-addr.arpa

IN PTR

Response
DNS

173.40.67.172.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.40.67.172.in-addr.arpa

IN PTR

Response
DNS

121.51.243.77.in-addr.arpa

Remote address:

8.8.8.8:53

Request

121.51.243.77.in-addr.arpa

IN PTR

Response
DNS

pixel-sync.sitescout.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pixel-sync.sitescout.com

IN A

Response

pixel-sync.sitescout.com

IN A

34.36.216.150
GET

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

34.36.216.150:443

Request

GET /dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: pixel-sync.sitescout.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

ps.eyeota.net

chrome.exe

Remote address:

8.8.8.8:53

Request

ps.eyeota.net

IN A

Response

ps.eyeota.net

IN A

3.121.27.153
DNS

pubmatic-match.dotomi.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pubmatic-match.dotomi.com

IN A

Response

pubmatic-match.dotomi.com

IN CNAME

bfp.global.dual.dotomi.weighted.com.akadns.net

bfp.global.dual.dotomi.weighted.com.akadns.net

IN A

63.215.202.172
DNS

d.turn.com

chrome.exe

Remote address:

8.8.8.8:53

Request

d.turn.com

IN A

Response

d.turn.com

IN CNAME

d.turn.com.akadns.net

d.turn.com.akadns.net

IN A

46.228.164.13
GET

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn5h51u&&referrer_pid=dn5h51u

chrome.exe

Remote address:

46.228.164.13:443

Request

GET /r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn5h51u&&referrer_pid=dn5h51u HTTP/2.0
host: d.turn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=7263111511922957154

Response

HTTP/2.0 302

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7263111511922957154; Domain=.turn.com; Expires=Sat, 05-Oct-2024 16:36:47 GMT; Path=/; Secure; SameSite=None
location: https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=7263111511922957154&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn5h51u&&referrer_pid=dn5h51u
content-length: 0
date: Mon, 08 Apr 2024 16:36:46 GMT
DNS

221.15.235.15.in-addr.arpa

Remote address:

8.8.8.8:53

Request

221.15.235.15.in-addr.arpa

IN PTR

Response

221.15.235.15.in-addr.arpa

IN PTR

pikafka-us-3cloudyovh
DNS

150.216.36.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

150.216.36.34.in-addr.arpa

IN PTR

Response

150.216.36.34.in-addr.arpa

IN PTR

1502163634bcgoogleusercontentcom
DNS

172.202.215.63.in-addr.arpa

Remote address:

8.8.8.8:53

Request

172.202.215.63.in-addr.arpa

IN PTR

Response

172.202.215.63.in-addr.arpa

IN PTR

ams05-nessy-float2dotomicom
DNS

153.27.121.3.in-addr.arpa

Remote address:

8.8.8.8:53

Request

153.27.121.3.in-addr.arpa

IN PTR

Response

153.27.121.3.in-addr.arpa

IN PTR

ec2-3-121-27-153eu-central-1compute amazonawscom
GET

https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

46.228.164.11:443

Request

GET /r/cs?pid=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: ad.turn.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=7263111511922957154

Response

HTTP/2.0 302

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7263111511922957154; Domain=.turn.com; Expires=Sat, 05-Oct-2024 16:36:47 GMT; Path=/; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7263111511922957154&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=
content-length: 0
date: Mon, 08 Apr 2024 16:36:47 GMT
DNS

13.164.228.46.in-addr.arpa

Remote address:

8.8.8.8:53

Request

13.164.228.46.in-addr.arpa

IN PTR

Response

13.164.228.46.in-addr.arpa

IN PTR

d-ams1turncom
DNS

d5p.de17a.com

chrome.exe

Remote address:

8.8.8.8:53

Request

d5p.de17a.com

IN A

Response

d5p.de17a.com

IN A

213.155.156.183

d5p.de17a.com

IN A

213.155.156.182

d5p.de17a.com

IN A

213.155.156.181

d5p.de17a.com

IN A

213.155.156.164

d5p.de17a.com

IN A

213.155.156.167

d5p.de17a.com

IN A

213.155.156.166

d5p.de17a.com

IN A

213.155.156.168

d5p.de17a.com

IN A

213.155.156.169

d5p.de17a.com

IN A

213.155.156.180

d5p.de17a.com

IN A

213.155.156.165

d5p.de17a.com

IN A

213.155.156.185

d5p.de17a.com

IN A

213.155.156.184
DNS

match.prod.bidr.io

chrome.exe

Remote address:

8.8.8.8:53

Request

match.prod.bidr.io

IN A

Response

match.prod.bidr.io

IN A

52.30.157.117

match.prod.bidr.io

IN A

52.209.243.124

match.prod.bidr.io

IN A

52.18.157.212

match.prod.bidr.io

IN A

52.19.105.29

match.prod.bidr.io

IN A

52.214.83.111

match.prod.bidr.io

IN A

34.255.58.76

match.prod.bidr.io

IN A

34.249.226.75

match.prod.bidr.io

IN A

52.48.73.249
GET

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=$UID

chrome.exe

Remote address:

213.155.156.183:443

Request

GET /getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=$UID HTTP/2.0
host: d5p.de17a.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

location: https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=$UID
set-cookie: guid=1.2554565571426866805; Max-Age=31104000; Path=/; Domain=.de17a.com; SameSite=None; Secure;
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
GET

https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=$UID

chrome.exe

Remote address:

213.155.156.183:443

Request

GET /getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=$UID HTTP/2.0
host: d5p.de17a.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: guid=1.2554565571426866805

Response

HTTP/2.0 302

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=2554565571426866805
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
DNS

t.adx.opera.com

chrome.exe

Remote address:

8.8.8.8:53

Request

t.adx.opera.com

IN A

Response

t.adx.opera.com

IN CNAME

outspot2-ams.adx.opera.com

outspot2-ams.adx.opera.com

IN A

82.145.213.8
DNS

csync.loopme.me

chrome.exe

Remote address:

8.8.8.8:53

Request

csync.loopme.me

IN A

Response

csync.loopme.me

IN CNAME

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.244.54

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.144.9

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.232.155

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.238.211

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.200.205

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.229.219

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.253.238

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.174.160

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.221.233

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.208.206

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.129.22

envoy-hl.envoy-csync1.core-b8mf.ov1o.com

IN A

35.214.190.26
GET

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

35.214.244.54:443

Request

GET /?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: csync.loopme.me
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 504

content-length: 24
content-type: text/plain
date: Mon, 08 Apr 2024 16:36:50 GMT
server: _
DNS

ipac.ctnsnet.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ipac.ctnsnet.com

IN A

Response

ipac.ctnsnet.com

IN A

35.186.193.173
GET

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]

chrome.exe

Remote address:

35.186.193.173:443

Request

GET /int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id] HTTP/2.0
host: ipac.ctnsnet.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

core.iprom.net

chrome.exe

Remote address:

8.8.8.8:53

Request

core.iprom.net

IN A

Response

core.iprom.net

IN A

195.5.165.20
DNS

rtb-csync.smartadserver.com

chrome.exe

Remote address:

8.8.8.8:53

Request

rtb-csync.smartadserver.com

IN A

Response

rtb-csync.smartadserver.com

IN CNAME

rtb-csync-geo.usersync-prod-sas.akadns.net

rtb-csync-geo.usersync-prod-sas.akadns.net

IN CNAME

rtb-csync-euw1.smartadserver.com

rtb-csync-euw1.smartadserver.com

IN A

89.149.192.200

rtb-csync-euw1.smartadserver.com

IN A

81.17.55.106

rtb-csync-euw1.smartadserver.com

IN A

81.17.55.173

rtb-csync-euw1.smartadserver.com

IN A

81.17.55.116

rtb-csync-euw1.smartadserver.com

IN A

81.17.55.117

rtb-csync-euw1.smartadserver.com

IN A

89.149.192.201

rtb-csync-euw1.smartadserver.com

IN A

81.17.55.172

rtb-csync-euw1.smartadserver.com

IN A

89.149.192.73

rtb-csync-euw1.smartadserver.com

IN A

81.17.55.97

rtb-csync-euw1.smartadserver.com

IN A

89.149.192.74
GET

https://rtb-csync.smartadserver.com/redir?partneruserid=AAGz0E7MKDoAABXnInPt6g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

89.149.192.200:443

Request

GET /redir?partneruserid=AAGz0E7MKDoAABXnInPt6g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: rtb-csync.smartadserver.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

content-length: 0
date: Mon, 08 Apr 2024 16:36:50 GMT
cache-control: no-cache,no-store
location: https://match.prod.bidr.io/cookie-sync?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=2561523538200970354&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
pragma: no-cache
set-cookie: pid=2561523538200970354; expires=Fri, 09 May 2025 16:36:50 GMT; domain=smartadserver.com; path=/; SameSite=None; secure
set-cookie: TestIfCookieP=ok; expires=Fri, 09 May 2025 16:36:50 GMT; domain=smartadserver.com; path=/; SameSite=None; secure
set-cookie: csync=127:AAGz0E7MKDoAABXnInPt6g; expires=Tue, 08 Apr 2025 16:36:50 GMT; domain=smartadserver.com; path=/; SameSite=None; secure
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
DNS

ad.mrtnsvr.com

chrome.exe

Remote address:

8.8.8.8:53

Request

ad.mrtnsvr.com

IN A

Response

ad.mrtnsvr.com

IN A

34.102.163.6
DNS

cm-supply-web.gammaplatform.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cm-supply-web.gammaplatform.com

IN A

Response

cm-supply-web.gammaplatform.com

IN A

35.186.154.107
DNS

bh.contextweb.com

chrome.exe

Remote address:

8.8.8.8:53

Request

bh.contextweb.com

IN A

Response

bh.contextweb.com

IN CNAME

am1-bh.contextweb.com

am1-bh.contextweb.com

IN CNAME

am1-direct-bgp.contextweb.com

am1-direct-bgp.contextweb.com

IN A

208.93.169.131
GET

https://bh.contextweb.com/bh/rtset?ev=AAGz0E7MKDoAABXnInPt6g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26userid%3D2561523538200970354%26gdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

208.93.169.131:443

Request

GET /bh/rtset?ev=AAGz0E7MKDoAABXnInPt6g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26userid%3D2561523538200970354%26gdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/2.0
host: bh.contextweb.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 302

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
cw-server: bh-deployment-stage-0
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: VP=part_IRBvvNHdxv0s;Version=0;Path=/;Domain=.contextweb.com;Max-Age=31104000;Secure;Expires=Thu, 03-Apr-2025 16:36:51 GMT;SameSite=None;Partitioned
set-cookie: pb_rtb_ev_part=3-1qoz|7dN.0.AAGz0E7MKDoAABXnInPt6g;Version=0;Path=/;Domain=.contextweb.com;Max-Age=31536000;Secure;Expires=Tue, 08-Apr-2025 16:36:51 GMT;SameSite=None;Partitioned
set-cookie: pb_rtb_ev=3-1qoz|7dN.0.AAGz0E7MKDoAABXnInPt6g;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Tue, 08-Apr-2025 16:36:51 GMT;Max-Age=31536000;SameSite=None
set-cookie: V=IRBvvNHdxv0s;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Thu, 03-Apr-2025 16:36:51 GMT;Max-Age=31104000;SameSite=None
set-cookie: gdpr=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Wed, 08-May-2024 16:36:51 GMT;Max-Age=2592000;SameSite=None
location: https://match.prod.bidr.io/cookie-sync?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&userid=2561523538200970354&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAGz0E7MKDoAABXnInPt6g&pid=558502&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&do=add&gdpr=1
server: Jetty(10.0.14)
set-cookie: INGRESSCOOKIE=f42355c2d7869937; path=/; HttpOnly; Secure; SameSite=None
DNS

match.adsby.bidtheatre.com

chrome.exe

Remote address:

8.8.8.8:53

Request

match.adsby.bidtheatre.com

IN A

Response

match.adsby.bidtheatre.com

IN A

64.227.64.62

match.adsby.bidtheatre.com

IN A

188.166.17.21

match.adsby.bidtheatre.com

IN A

134.122.57.34
GET

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

64.227.64.62:443

Request

GET /pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: match.adsby.bidtheatre.com
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: no-cors
Sec-Fetch-Dest: image
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 302

Date: Mon, 08 Apr 2024 16:36:51 GMT
Server: Apache
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Set-Cookie: __kuid=d68bcc1c-191d-47c5-9b32-fc70409aa188.481808211; Max-Age=604800; Domain=.adsby.bidtheatre.com; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1&piggybackCookie=uid:d68bcc1c-191d-47c5-9b32-fc70409aa188&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Content-Length: 0
Keep-Alive: timeout=5, max=3000
Connection: Keep-Alive
DNS

117.157.30.52.in-addr.arpa

Remote address:

8.8.8.8:53

Request

117.157.30.52.in-addr.arpa

IN PTR

Response

117.157.30.52.in-addr.arpa

IN PTR

ec2-52-30-157-117 eu-west-1compute amazonawscom
DNS

sync-dmp.aura-dsp.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sync-dmp.aura-dsp.com

IN A

Response
DNS

8.213.145.82.in-addr.arpa

Remote address:

8.8.8.8:53

Request

8.213.145.82.in-addr.arpa

IN PTR

Response

8.213.145.82.in-addr.arpa

IN PTR

n-sysadmin-jumpbox-03feednewsopera technology
DNS

54.244.214.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

54.244.214.35.in-addr.arpa

IN PTR

Response

54.244.214.35.in-addr.arpa

IN PTR

5424421435bcgoogleusercontentcom
DNS

54.244.214.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

54.244.214.35.in-addr.arpa

IN PTR

Response

54.244.214.35.in-addr.arpa

IN PTR

5424421435bcgoogleusercontentcom
DNS

173.193.186.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

173.193.186.35.in-addr.arpa

IN PTR

Response

173.193.186.35.in-addr.arpa

IN PTR

17319318635bcgoogleusercontentcom
DNS

20.165.5.195.in-addr.arpa

Remote address:

8.8.8.8:53

Request

20.165.5.195.in-addr.arpa

IN PTR

Response
DNS

200.192.149.89.in-addr.arpa

Remote address:

8.8.8.8:53

Request

200.192.149.89.in-addr.arpa

IN PTR

Response
DNS

6.163.102.34.in-addr.arpa

Remote address:

8.8.8.8:53

Request

6.163.102.34.in-addr.arpa

IN PTR

Response

6.163.102.34.in-addr.arpa

IN PTR

616310234bcgoogleusercontentcom
DNS

131.169.93.208.in-addr.arpa

Remote address:

8.8.8.8:53

Request

131.169.93.208.in-addr.arpa

IN PTR

Response
DNS

183.156.155.213.in-addr.arpa

Remote address:

8.8.8.8:53

Request

183.156.155.213.in-addr.arpa

IN PTR

Response
DNS

249.197.17.2.in-addr.arpa

Remote address:

8.8.8.8:53

Request

249.197.17.2.in-addr.arpa

IN PTR

Response

249.197.17.2.in-addr.arpa

IN PTR

a2-17-197-249deploystaticakamaitechnologiescom
DNS

62.64.227.64.in-addr.arpa

Remote address:

8.8.8.8:53

Request

62.64.227.64.in-addr.arpa

IN PTR

Response
DNS

google.com

chrome.exe

Remote address:

8.8.8.8:53

Request

google.com

IN A

Response

google.com

IN A

142.250.200.14
DNS

beacons.gcp.gvt2.com

chrome.exe

Remote address:

8.8.8.8:53

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

192.178.49.163
POST

https://google.com/domainreliability/upload

chrome.exe

Remote address:

142.250.200.14:443

Request

POST /domainreliability/upload HTTP/2.0
host: google.com
content-length: 286
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

192.178.49.163:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 5046
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gcp.gvt2.com/domainreliability/upload

chrome.exe

Remote address:

192.178.49.163:443

Request

POST /domainreliability/upload HTTP/2.0
host: beacons.gcp.gvt2.com
content-length: 531
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

14.200.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

14.200.250.142.in-addr.arpa

IN PTR

Response

14.200.250.142.in-addr.arpa

IN PTR

lhr48s29-in-f141e100net
DNS

163.49.178.192.in-addr.arpa

Remote address:

8.8.8.8:53

Request

163.49.178.192.in-addr.arpa

IN PTR

Response

163.49.178.192.in-addr.arpa

IN PTR

phx19s05-in-f31e100net
DNS

a.nel.cloudflare.com

chrome.exe

Remote address:

8.8.8.8:53

Request

a.nel.cloudflare.com

IN A

Response

a.nel.cloudflare.com

IN A

35.190.80.1
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=q35C9da2yg93fvNFVBtRf9xrnPqMVnK2a3KBy274KGRtRLagPTIy89pi60y4RGmI%2B%2FMn%2BxbMAgXPJkd%2F9Jneb5jkG8qMNy5e6DhJCfIuC26QMNrpbSW753QhH1pTtmTy

chrome.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=q35C9da2yg93fvNFVBtRf9xrnPqMVnK2a3KBy274KGRtRLagPTIy89pi60y4RGmI%2B%2FMn%2BxbMAgXPJkd%2F9Jneb5jkG8qMNy5e6DhJCfIuC26QMNrpbSW753QhH1pTtmTy HTTP/2.0
host: a.nel.cloudflare.com
origin: https://k-storage.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
OPTIONS

https://a.nel.cloudflare.com/report/v4?s=TlWfxE%2BZckYQ9BWQsM4RBUK%2FYX9OgQiqD01YfZAHUVooVUFgK3Zxw09bLvirxWWqGQg2swhpgpp6sQ1VTOkP2CtozFq7UriTa3OXFMvtBPf0uudLjRnn2lgUwIndZdqJRLneblnF

chrome.exe

Remote address:

35.190.80.1:443

Request

OPTIONS /report/v4?s=TlWfxE%2BZckYQ9BWQsM4RBUK%2FYX9OgQiqD01YfZAHUVooVUFgK3Zxw09bLvirxWWqGQg2swhpgpp6sQ1VTOkP2CtozFq7UriTa3OXFMvtBPf0uudLjRnn2lgUwIndZdqJRLneblnF HTTP/2.0
host: a.nel.cloudflare.com
origin: https://www.mediafiredls.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

googleads.g.doubleclick.net

chrome.exe

Remote address:

8.8.8.8:53

Request

googleads.g.doubleclick.net

IN A

Response

googleads.g.doubleclick.net

IN A

142.250.180.2
DNS

1.80.190.35.in-addr.arpa

Remote address:

8.8.8.8:53

Request

1.80.190.35.in-addr.arpa

IN PTR

Response

1.80.190.35.in-addr.arpa

IN PTR

18019035bcgoogleusercontentcom
DNS

2.180.250.142.in-addr.arpa

Remote address:

8.8.8.8:53

Request

2.180.250.142.in-addr.arpa

IN PTR

Response

2.180.250.142.in-addr.arpa

IN PTR

lhr25s32-in-f21e100net
DNS

sync-dmp.aura-dsp.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sync-dmp.aura-dsp.com

IN A

Response
DNS

sync-dmp.aura-dsp.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sync-dmp.aura-dsp.com

IN A

Response
DNS

cm.adgrx.com

chrome.exe

Remote address:

8.8.8.8:53

Request

cm.adgrx.com

IN A

Response

cm.adgrx.com

IN CNAME

rtb.adgrx.com

rtb.adgrx.com

IN CNAME

rtb.adgrx.com.tech.akadns.net

rtb.adgrx.com.tech.akadns.net

IN A

54.217.19.5
DNS

sync.1rx.io

chrome.exe

Remote address:

8.8.8.8:53

Request

sync.1rx.io

IN A

Response

sync.1rx.io

IN A

46.228.174.117
DNS

green.erne.co

chrome.exe

Remote address:

8.8.8.8:53

Request

green.erne.co

IN A

Response

green.erne.co

IN A

141.95.171.139

green.erne.co

IN A

141.95.172.216

green.erne.co

IN A

141.94.242.226

green.erne.co

IN A

141.95.171.141

green.erne.co

IN A

141.95.171.142

green.erne.co

IN A

141.94.242.204

green.erne.co

IN A

141.94.161.190

green.erne.co

IN A

141.94.240.143

green.erne.co

IN A

141.95.171.140

green.erne.co

IN A

141.94.161.158

green.erne.co

IN A

141.94.242.206
GET

https://green.erne.co/pubmatic/cm?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

141.95.171.139:443

Request

GET /pubmatic/cm?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: green.erne.co
Connection: keep-alive
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9

Response

HTTP/1.1 302 Found

server: envoy
date: Mon, 08 Apr 2024 16:37:16 GMT
content-type: text/html
content-length: 145
location: https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D1%26gdpr_consent%3D%25_gdpr_consent
x-envoy-upstream-service-time: 0
DNS

5.19.217.54.in-addr.arpa

Remote address:

8.8.8.8:53

Request

5.19.217.54.in-addr.arpa

IN PTR

Response

5.19.217.54.in-addr.arpa

IN PTR

ec2-54-217-19-5 eu-west-1compute amazonawscom
DNS

117.174.228.46.in-addr.arpa

Remote address:

8.8.8.8:53

Request

117.174.228.46.in-addr.arpa

IN PTR

Response
GET

https://ad.turn.com/r/cs?pid=45&rndcb=1029629747

chrome.exe

Remote address:

46.228.164.11:443

Request

GET /r/cs?pid=45&rndcb=1029629747 HTTP/2.0
host: ad.turn.com
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: uid=7263111511922957154

Response

HTTP/2.0 302

p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
pragma: no-cache
set-cookie: uid=7263111511922957154; Domain=.turn.com; Expires=Sat, 05-Oct-2024 16:37:16 GMT; Path=/; Secure; SameSite=None
location: https://sync.1rx.io/usersync/turn/7263111511922957154?dspret=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=
content-length: 0
date: Mon, 08 Apr 2024 16:37:15 GMT
DNS

pixel-eu.onaudience.com

chrome.exe

Remote address:

8.8.8.8:53

Request

pixel-eu.onaudience.com

IN A

Response

pixel-eu.onaudience.com

IN A

141.94.171.213

pixel-eu.onaudience.com

IN A

141.94.170.64

pixel-eu.onaudience.com

IN A

146.59.148.16

pixel-eu.onaudience.com

IN A

141.94.171.216

pixel-eu.onaudience.com

IN A

141.94.171.212

pixel-eu.onaudience.com

IN A

141.94.171.214

pixel-eu.onaudience.com

IN A

141.94.171.215

pixel-eu.onaudience.com

IN A

141.94.170.77
GET

https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D1%26gdpr_consent%3D%25_gdpr_consent

chrome.exe

Remote address:

141.94.171.213:443

Request

GET /?partner=270&smartmap=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D1%26gdpr_consent%3D%25_gdpr_consent HTTP/1.1
Host: pixel-eu.onaudience.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: done_redirects162=1; cookie=9842fe6394a62970

Response

HTTP/1.1 302 Found

set-cookie: cookie=9842fe6394a62970; Max-Age=31536000; Expires=Tue, 8 Apr 2025 16:37:16 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
set-cookie: done_redirects200=1; Max-Age=86400; Expires=Tue, 9 Apr 2024 16:37:16 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=1/gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253Dtk2EoAPtRSWXMnUYRWgUXRTa%2526gdpr%253D1%2526gdpr_consent%253DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
content-length: 0
GET

https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3c111862b263eec250ac64a5d416e542&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRSWXMnUYRWgUXRTa%26gdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

chrome.exe

Remote address:

141.94.171.213:443

Request

GET /?partner=104&icm&cver&mapped=3c111862b263eec250ac64a5d416e542&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRSWXMnUYRWgUXRTa%26gdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA HTTP/1.1
Host: pixel-eu.onaudience.com
Connection: keep-alive
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US,en;q=0.9
Cookie: done_redirects162=1; cookie=9842fe6394a62970; done_redirects200=1

Response

HTTP/1.1 302 Found

set-cookie: cookie=9842fe6394a62970; Max-Age=31536000; Expires=Tue, 8 Apr 2025 16:37:17 GMT; Path=/; Domain=.onaudience.com; Secure; SameSite=None
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRSWXMnUYRWgUXRTa&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
content-length: 0
DNS

sync.targeting.unrulymedia.com

chrome.exe

Remote address:

8.8.8.8:53

Request

sync.targeting.unrulymedia.com

IN A

Response

sync.targeting.unrulymedia.com

IN CNAME

sync.1rx.io

sync.1rx.io

IN A

46.228.174.117
DNS

sync.crwdcntrl.net

chrome.exe

Remote address:

8.8.8.8:53

Request

sync.crwdcntrl.net

IN A

Response

sync.crwdcntrl.net

IN A

54.229.184.161

sync.crwdcntrl.net

IN A

52.210.166.25

sync.crwdcntrl.net

IN A

108.128.218.76

sync.crwdcntrl.net

IN A

99.80.66.155

sync.crwdcntrl.net

IN A

52.48.17.214

sync.crwdcntrl.net

IN A

52.49.69.142

sync.crwdcntrl.net

IN A

54.155.211.205

sync.crwdcntrl.net

IN A

54.77.0.180
DNS

139.171.95.141.in-addr.arpa

Remote address:

8.8.8.8:53

Request

139.171.95.141.in-addr.arpa

IN PTR

Response

139.171.95.141.in-addr.arpa

IN PTR

bixel-5cloudyovh
DNS

196.120.55.162.in-addr.arpa

Request

196.120.55.162.in-addr.arpa

IN PTR

Response

196.120.55.162.in-addr.arpa

IN PTR

static19612055162clientsyour-serverde
DNS

31.249.124.192.in-addr.arpa

Request

31.249.124.192.in-addr.arpa

IN PTR

Response

31.249.124.192.in-addr.arpa

IN PTR

cloudproxy10031sucurinet
DNS

213.171.94.141.in-addr.arpa

Request

213.171.94.141.in-addr.arpa

IN PTR

Response

213.171.94.141.in-addr.arpa

IN PTR

pikafka-eu-5cloudyovh
DNS

161.184.229.54.in-addr.arpa

Request

161.184.229.54.in-addr.arpa

IN PTR

Response

161.184.229.54.in-addr.arpa

IN PTR

ec2-54-229-184-161 eu-west-1compute amazonawscom
DNS

11.227.111.52.in-addr.arpa

Request

11.227.111.52.in-addr.arpa

IN PTR

Response
DNS

beacons3.gvt2.com

Request

beacons3.gvt2.com

IN A

Response

beacons3.gvt2.com

IN A

172.217.169.3
DNS

2.173.189.20.in-addr.arpa

Request

2.173.189.20.in-addr.arpa

IN PTR

Response
DNS

beacons.gvt2.com

Request

beacons.gvt2.com

IN A

Response

beacons.gvt2.com

IN A

192.178.48.227
OPTIONS

https://beacons.gvt2.com/domainreliability/upload-nel

Request

OPTIONS /domainreliability/upload-nel HTTP/2.0
host: beacons.gvt2.com
origin: https://beacons.gcp.gvt2.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
POST

https://beacons.gvt2.com/domainreliability/upload-nel

Request

POST /domainreliability/upload-nel HTTP/2.0
host: beacons.gvt2.com
content-length: 407
content-type: application/reports+json
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

google.com

Request

google.com

IN A

Response

google.com

IN A

142.250.200.14
DNS

227.48.178.192.in-addr.arpa

Request

227.48.178.192.in-addr.arpa

IN PTR

Response

227.48.178.192.in-addr.arpa

IN PTR

phx18s07-in-f31e100net
DNS

g.ezoic.net

Request

g.ezoic.net

IN A

Response

g.ezoic.net

IN A

35.181.89.222

g.ezoic.net

IN A

13.39.145.251

g.ezoic.net

IN A

15.188.219.54
DNS

www.google.com

Request

www.google.com

IN A

Response

www.google.com

IN A

142.250.178.4
POST

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzEyNTk0MzkxMTc5In1dfV0=

Request

POST /detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzEyNTk0MzkxMTc5In1dfV0= HTTP/2.0
host: g.ezoic.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://www.mediafire.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://www.mediafire.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

access-control-allow-origin: https://www.mediafire.com
cache-control: private, max-age=0, must-revalidate, no-cache, no-store
date: Mon, 08 Apr 2024 16:39:52 GMT
expires: Sun, 07 Apr 2024 16:39:52 GMT
vary: Accept-Encoding
x-middleton-display: ezp_sol
DNS

csm.nl3.eu.criteo.net

Request

csm.nl3.eu.criteo.net

IN A

Response

csm.nl3.eu.criteo.net

IN CNAME

csm.nl3.vip.prod.criteo.net

csm.nl3.vip.prod.criteo.net

IN A

178.250.1.25
POST

https://csm.nl3.eu.criteo.net/iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~101

Request

POST /iev?entry=c~Gum.ChromeSyncframe.CookieRead.uid~1&entry=c~Gum.ChromeSyncframe.SidReadSuccess~1&entry=h~Gum.ChromeSyncframe.SidReadSuccessDuration~101 HTTP/2.0
host: csm.nl3.eu.criteo.net
content-length: 0
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
origin: https://gum.criteo.com
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://gum.criteo.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

date: Mon, 08 Apr 2024 16:39:52 GMT
pragma: no-cache
server: Finatra
expires: 0
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
content-length: 43
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; preload;
DNS

analytics.google.com

Request

analytics.google.com

IN A

Response

analytics.google.com

IN CNAME

analytics-alv.google.com

analytics-alv.google.com

IN A

216.239.34.181

analytics-alv.google.com

IN A

216.239.38.181

analytics-alv.google.com

IN A

216.239.32.181

analytics-alv.google.com

IN A

216.239.36.181
DNS

25.1.250.178.in-addr.arpa

Request

25.1.250.178.in-addr.arpa

IN PTR

Response
DNS

e2c44.gcp.gvt2.com

Request

e2c44.gcp.gvt2.com

IN A

Response

e2c44.gcp.gvt2.com

IN A

35.216.230.172
DNS

discords-com.webpkgcache.com

Request

discords-com.webpkgcache.com

IN A

Response

discords-com.webpkgcache.com

IN CNAME

webpkgcache.com

webpkgcache.com

IN A

142.250.180.1
POST

https://e2c44.gcp.gvt2.com/nel/

Request

POST /nel/ HTTP/2.0
host: e2c44.gcp.gvt2.com
content-length: 284
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Mon, 08 Apr 2024 16:39:52 GMT
GET

https://discords-com.webpkgcache.com/doc/-/s/discords.com/servers/tags/account%20generator

Request

GET /doc/-/s/discords.com/servers/tags/account%20generator HTTP/2.0
host: discords-com.webpkgcache.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://www.google.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: application/signed-exchange;v=b3;q=0.7,*/*;q=0.8
purpose: prefetch
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: empty
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

i.ytimg.com

Request

i.ytimg.com

IN A

Response

i.ytimg.com

IN A

216.58.201.118

i.ytimg.com

IN A

216.58.204.86

i.ytimg.com

IN A

216.58.213.22

i.ytimg.com

IN A

172.217.169.22

i.ytimg.com

IN A

172.217.169.86

i.ytimg.com

IN A

142.250.179.246

i.ytimg.com

IN A

142.250.180.22

i.ytimg.com

IN A

142.250.187.214

i.ytimg.com

IN A

142.250.187.246

i.ytimg.com

IN A

142.250.178.22

i.ytimg.com

IN A

172.217.16.246

i.ytimg.com

IN A

142.250.200.22

i.ytimg.com

IN A

142.250.200.54
DNS

pki.goog

Request

pki.goog

IN A

Response

pki.goog

IN A

216.239.32.29
GET

https://i.ytimg.com/vi/8fAFIVyF6jE/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3ln8uOoo7nCO14IptwEgrd8wwP69A

Request

GET /vi/8fAFIVyF6jE/mqdefault.jpg?sqp=-oaymwEFCJQBEFM&rs=AMzJL3ln8uOoo7nCO14IptwEgrd8wwP69A HTTP/2.0
host: i.ytimg.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
x-client-data: CIr7ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
GET

http://pki.goog/repo/certs/gtsr4.der

Request

GET /repo/certs/gtsr4.der HTTP/1.1
Connection: Keep-Alive
Accept: */*
User-Agent: Microsoft-CryptoAPI/10.0
Host: pki.goog

Response

HTTP/1.1 200 OK

Accept-Ranges: bytes
Content-Security-Policy-Report-Only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cacerts
Cross-Origin-Resource-Policy: cross-origin
Cross-Origin-Opener-Policy: same-origin; report-to="cacerts"
Report-To: {"group":"cacerts","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cacerts"}]}
Content-Length: 525
X-Content-Type-Options: nosniff
Server: sffe
X-XSS-Protection: 0
Date: Mon, 08 Apr 2024 16:14:21 GMT
Expires: Mon, 08 Apr 2024 17:04:21 GMT
Cache-Control: public, max-age=3000
Age: 1532
Last-Modified: Wed, 19 Aug 2020 07:45:00 GMT
Content-Type: application/pkix-cert
Vary: Accept-Encoding
DNS

apis.google.com

Request

apis.google.com

IN A

Response

apis.google.com

IN CNAME

plus.l.google.com

plus.l.google.com

IN A

216.58.201.110
GET

https://apis.google.com/_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_AfeXEgP9UD-iQrKiwqZLadQ_cBg/cb=gapi.loaded_0

Request

GET /_/scs/abc-static/_/js/k=gapi.gapi.en.uvrmm4sgViM.O/m=gapi_iframes,googleapis_client/rt=j/sv=1/d=1/ed=1/am=AAAC/rs=AHpOoo_AfeXEgP9UD-iQrKiwqZLadQ_cBg/cb=gapi.loaded_0 HTTP/2.0
host: apis.google.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CIr7ygE=
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: AEC=AQTF6HxVQ2Ze7gaP42AoJhfYQ7hUa6Bzrd_Lws2YLZDf9SvYc2Gbmnhs3Q
cookie: NID=513=iT3oziZXKws5YThwBji6F6bYr_y6f_kppah6AVRrp0aG_k1S8LUZeStUlWlw9cPy87jEwT2qWoaDq3KUSo6Nma06pp9TcNAg_zxx9nt7cJwsHiRMzi1OEI7ErNMcF7uqiiLLlWrZKHJFLAgdA6WjtLDl4QOv-01dGINvPT5Tirk
DNS

181.34.239.216.in-addr.arpa

Request

181.34.239.216.in-addr.arpa

IN PTR

Response
DNS

172.230.216.35.in-addr.arpa

Request

172.230.216.35.in-addr.arpa

IN PTR

Response

172.230.216.35.in-addr.arpa

IN PTR

17223021635bcgoogleusercontentcom
DNS

118.201.58.216.in-addr.arpa

Request

118.201.58.216.in-addr.arpa

IN PTR

Response

118.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f221e100net

118.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f118�I

118.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f22�I
DNS

www.youtube.com

Request

www.youtube.com

IN A

Response

www.youtube.com

IN CNAME

youtube-ui.l.google.com

youtube-ui.l.google.com

IN A

142.250.200.46

youtube-ui.l.google.com

IN A

216.58.201.110

youtube-ui.l.google.com

IN A

216.58.204.78

youtube-ui.l.google.com

IN A

216.58.213.14

youtube-ui.l.google.com

IN A

172.217.169.14

youtube-ui.l.google.com

IN A

142.250.179.238

youtube-ui.l.google.com

IN A

142.250.180.14

youtube-ui.l.google.com

IN A

142.250.187.206

youtube-ui.l.google.com

IN A

142.250.187.238

youtube-ui.l.google.com

IN A

142.250.178.14

youtube-ui.l.google.com

IN A

172.217.16.238

youtube-ui.l.google.com

IN A

142.250.200.14
DNS

110.201.58.216.in-addr.arpa

Request

110.201.58.216.in-addr.arpa

IN PTR

Response

110.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f1101e100net

110.201.58.216.in-addr.arpa

IN PTR

prg03s02-in-f14�J

110.201.58.216.in-addr.arpa

IN PTR

lhr48s48-in-f14�J
DNS

29.32.239.216.in-addr.arpa

Request

29.32.239.216.in-addr.arpa

IN PTR

Response

29.32.239.216.in-addr.arpa

IN PTR

any-in-201d1e100net
DNS

static.doubleclick.net

Request

static.doubleclick.net

IN A

Response

static.doubleclick.net

IN A

142.250.179.230
DNS

jnn-pa.googleapis.com

Request

jnn-pa.googleapis.com

IN A

Response

jnn-pa.googleapis.com

IN A

216.58.212.234

jnn-pa.googleapis.com

IN A

172.217.169.42

jnn-pa.googleapis.com

IN A

142.250.179.234

jnn-pa.googleapis.com

IN A

142.250.180.10

jnn-pa.googleapis.com

IN A

142.250.187.202

jnn-pa.googleapis.com

IN A

142.250.187.234

jnn-pa.googleapis.com

IN A

142.250.178.10

jnn-pa.googleapis.com

IN A

172.217.16.234

jnn-pa.googleapis.com

IN A

142.250.200.10

jnn-pa.googleapis.com

IN A

142.250.200.42

jnn-pa.googleapis.com

IN A

216.58.201.106

jnn-pa.googleapis.com

IN A

216.58.204.74

jnn-pa.googleapis.com

IN A

216.58.213.10
GET

https://static.doubleclick.net/instream/ad_status.js

Request

GET /instream/ad_status.js HTTP/2.0
host: static.doubleclick.net
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
x-client-data: CIr7ygE=
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: script
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: IDE=AHWqTUn90FsUabAWYjQX7lgrG7b_Q8UkJ9ST1QPasavmV6dUHO_PE5idxK-Z13B95xs
cookie: ar_debug=1
cookie: DSID=NO_DATA
OPTIONS

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Request

OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/2.0
host: jnn-pa.googleapis.com
accept: */*
access-control-request-method: POST
access-control-request-headers: content-type,x-goog-api-key,x-user-agent
origin: https://www.youtube.com
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-fetch-mode: cors
sec-fetch-site: cross-site
sec-fetch-dest: empty
referer: https://www.youtube.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

46.200.250.142.in-addr.arpa

Request

46.200.250.142.in-addr.arpa

IN PTR

Response

46.200.250.142.in-addr.arpa

IN PTR

lhr48s30-in-f141e100net
DNS

230.179.250.142.in-addr.arpa

Request

230.179.250.142.in-addr.arpa

IN PTR

Response

230.179.250.142.in-addr.arpa

IN PTR

lhr25s31-in-f61e100net
DNS

234.212.58.216.in-addr.arpa

Request

234.212.58.216.in-addr.arpa

IN PTR

Response

234.212.58.216.in-addr.arpa

IN PTR

ams16s22-in-f101e100net

234.212.58.216.in-addr.arpa

IN PTR

lhr25s28-in-f10�I

234.212.58.216.in-addr.arpa

IN PTR

ams16s22-in-f234�I
DNS

github.com

Request

github.com

IN A

Response

github.com

IN A

20.26.156.215
GET

https://github.com/topics/discord-account-creator

Request

GET /topics/discord-account-creator HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Windows"
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
referer: https://www.google.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 08 Apr 2024 16:40:03 GMT
content-type: text/html; charset=utf-8
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
etag: W/"dbe997fe2c1253ee359ae1daf8fb0476"
cache-control: max-age=0, private, must-revalidate
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com www.youtube.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com events-feed.github.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-encoding: gzip
set-cookie: _gh_sess=skN83JfqzOQ3LXg1jy72CmrBOoabPoaAIBIZqom%2BclcM%2FSM8nydZY8oaJEy%2BsjRtLRPwj%2BOGj8eo4URg3ypaA8vd0i%2FUeIhBwiq3AMu5kX2dwFcOyWyJwwqs2yFwqEg8cMzEcdyaaz2wbIKDovlh4%2BFB7E5EoTfkeovJHZig8wqON4eILA8TjIvWrrjccsxbo%2FcDJQ%2FdsM9vjGbCdFmW3Gq%2FgdS7saKkABWKEbqnewnujMencD0e99xFhaC2PT%2FzQxFZCrzT7yVSJCkRVgDiog%3D%3D--eQBtGqpBgyRgw9JZ--CmDHnVIZl%2B90w7cWbIYIrg%3D%3D; Path=/; HttpOnly; Secure; SameSite=Lax
set-cookie: _octo=GH1.1.461704506.1712594403; Path=/; Domain=github.com; Expires=Tue, 08 Apr 2025 16:40:03 GMT; Secure; SameSite=Lax
set-cookie: logged_in=no; Path=/; Domain=github.com; Expires=Tue, 08 Apr 2025 16:40:03 GMT; HttpOnly; Secure; SameSite=Lax
accept-ranges: bytes
x-github-request-id: E7D4:51E5E:5F8E74:61777C:66141DE3
GET

https://github.com/manifest.json

Request

GET /manifest.json HTTP/2.0
host: github.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: same-origin
sec-fetch-mode: cors
sec-fetch-dest: manifest
referer: https://github.com/topics/discord-account-creator
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _gh_sess=skN83JfqzOQ3LXg1jy72CmrBOoabPoaAIBIZqom%2BclcM%2FSM8nydZY8oaJEy%2BsjRtLRPwj%2BOGj8eo4URg3ypaA8vd0i%2FUeIhBwiq3AMu5kX2dwFcOyWyJwwqs2yFwqEg8cMzEcdyaaz2wbIKDovlh4%2BFB7E5EoTfkeovJHZig8wqON4eILA8TjIvWrrjccsxbo%2FcDJQ%2FdsM9vjGbCdFmW3Gq%2FgdS7saKkABWKEbqnewnujMencD0e99xFhaC2PT%2FzQxFZCrzT7yVSJCkRVgDiog%3D%3D--eQBtGqpBgyRgw9JZ--CmDHnVIZl%2B90w7cWbIYIrg%3D%3D
cookie: _octo=GH1.1.461704506.1712594403
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 08 Apr 2024 16:40:04 GMT
vary: X-PJAX, X-PJAX-Container, Turbo-Visit, Turbo-Frame, Accept-Encoding, Accept, X-Requested-With
cache-control: max-age=604800, public
etag: W/"c75e05794d72230a695e880f1a6c83a4"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'; base-uri 'self'; child-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/; connect-src 'self' uploads.github.com www.githubstatus.com collector.github.com raw.githubusercontent.com api.github.com github-cloud.s3.amazonaws.com github-production-repository-file-5c1aeb.s3.amazonaws.com github-production-upload-manifest-file-7fdce7.s3.amazonaws.com github-production-user-asset-6210df.s3.amazonaws.com api.githubcopilot.com objects-origin.githubusercontent.com *.actions.githubusercontent.com wss://*.actions.githubusercontent.com productionresultssa0.blob.core.windows.net/ productionresultssa1.blob.core.windows.net/ productionresultssa2.blob.core.windows.net/ productionresultssa3.blob.core.windows.net/ productionresultssa4.blob.core.windows.net/ productionresultssa5.blob.core.windows.net/ productionresultssa6.blob.core.windows.net/ productionresultssa7.blob.core.windows.net/ productionresultssa8.blob.core.windows.net/ productionresultssa9.blob.core.windows.net/ productionresultssa10.blob.core.windows.net/ productionresultssa11.blob.core.windows.net/ productionresultssa12.blob.core.windows.net/ productionresultssa13.blob.core.windows.net/ productionresultssa14.blob.core.windows.net/ productionresultssa15.blob.core.windows.net/ productionresultssa16.blob.core.windows.net/ productionresultssa17.blob.core.windows.net/ productionresultssa18.blob.core.windows.net/ productionresultssa19.blob.core.windows.net/ github-production-repository-image-32fea6.s3.amazonaws.com github-production-release-asset-2e65be.s3.amazonaws.com insights.github.com wss://alive.github.com; font-src github.githubassets.com; form-action 'self' github.com gist.github.com copilot-workspace.githubnext.com objects-origin.githubusercontent.com; frame-ancestors 'none'; frame-src viewscreen.githubusercontent.com notebooks.githubusercontent.com; img-src 'self' data: github.githubassets.com media.githubusercontent.com camo.githubusercontent.com identicons.github.com avatars.githubusercontent.com github-cloud.s3.amazonaws.com objects.githubusercontent.com secured-user-images.githubusercontent.com/ user-images.githubusercontent.com/ private-user-images.githubusercontent.com opengraph.githubassets.com github-production-user-asset-6210df.s3.amazonaws.com customer-stories-feed.github.com spotlights-feed.github.com objects-origin.githubusercontent.com *.githubusercontent.com; manifest-src 'self'; media-src github.com user-images.githubusercontent.com/ secured-user-images.githubusercontent.com/ private-user-images.githubusercontent.com github-production-user-asset-6210df.s3.amazonaws.com gist.github.com; script-src github.githubassets.com; style-src 'unsafe-inline' github.githubassets.com; upgrade-insecure-requests; worker-src github.com/assets-cdn/worker/ gist.github.com/assets-cdn/worker/
content-type: application/manifest+json; charset=utf-8
content-encoding: gzip
accept-ranges: bytes
content-length: 474
x-github-request-id: E7D4:51E5E:5F927C:617B9F:66141DE3
DNS

215.156.26.20.in-addr.arpa

Request

215.156.26.20.in-addr.arpa

IN PTR

Response
DNS

avatars.githubusercontent.com

Request

avatars.githubusercontent.com

IN A

Response

avatars.githubusercontent.com

IN A

185.199.108.133

avatars.githubusercontent.com

IN A

185.199.109.133

avatars.githubusercontent.com

IN A

185.199.110.133

avatars.githubusercontent.com

IN A

185.199.111.133
GET

https://github.githubassets.com/assets/light-0eace2597ca3.css

Request

GET /assets/light-0eace2597ca3.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 24 Jan 2024 14:36:35 GMT
etag: 0x8DC1CE9DE118C7E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 2953122
x-served-by: cache-iad-kiad7000125-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 82, 1385
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8c9a47331e9ea9c6a18577a2e4d20d928a322a04
content-length: 4258
GET

https://github.githubassets.com/assets/dark-a167e256da9c.css

Request

GET /assets/dark-a167e256da9c.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 24 Jan 2024 14:36:34 GMT
etag: 0x8DC1CE9DD51FA52
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 277748
x-served-by: cache-iad-kiad7000046-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 160, 1377
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 50f57fb1210ff34cfc7a4a9544f608e8efe15579
content-length: 4293
GET

https://github.githubassets.com/assets/primer-primitives-366b5c973fad.css

Request

GET /assets/primer-primitives-366b5c973fad.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 29 Mar 2024 23:07:06 GMT
etag: 0x8DC5044F4129C39
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 595989
x-served-by: cache-iad-kiad7000125-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 122, 1958
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 05241b13eac3e4ac526b437a4299a37d275e6ce7
content-length: 51064
GET

https://github.githubassets.com/assets/primer-44fa1513ddd0.css

Request

GET /assets/primer-44fa1513ddd0.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 19 Mar 2024 18:00:01 GMT
etag: 0x8DC483E6635234F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1716173
x-served-by: cache-iad-kjyo7100135-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 1672
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6c50a878d4ce56b1278e5b59ef57ad40be2d0750
content-length: 1715
GET

https://github.githubassets.com/assets/global-df21b6fbffc1.css

Request

GET /assets/global-df21b6fbffc1.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 06 Feb 2024 14:39:35 GMT
etag: 0x8DC272170CBB925
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 169492
x-served-by: cache-iad-kjyo7100069-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 16, 352
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b3d04eb52b201de777264627a55768e653649f16
content-length: 1441
GET

https://github.githubassets.com/assets/github-07f750db5d7c.css

Request

GET /assets/github-07f750db5d7c.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Tue, 19 Mar 2024 21:38:05 GMT
etag: 0x8DC485CDCCA6225
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1476438
x-served-by: cache-iad-kcgs7200142-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 63, 333
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: a2b03cf8495fe82d8e3a4c8c6729f5a8abb06e95
content-length: 2535
GET

https://github.githubassets.com/assets/explore-e56a0802d3f5.css

Request

GET /assets/explore-e56a0802d3f5.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Fri, 05 Apr 2024 19:32:43 GMT
etag: 0x8DC55A72A47DF15
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 23604
x-served-by: cache-iad-kcgs7200156-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 47, 263
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: fbe276588b68e2e335e63f771ec759dcd00e0eda
content-length: 10598
GET

https://github.githubassets.com/assets/discussions-4a9715cdd9f3.css

Request

GET /assets/discussions-4a9715cdd9f3.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 03 Apr 2024 18:03:04 GMT
etag: 0x8DC54084F21B9B2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 246780
x-served-by: cache-iad-kjyo7100147-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 90, 2508
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cbe758de619c7197d1eaaaba027a88b5a2eace27
content-length: 24814
GET

https://github.githubassets.com/assets/site-ce808367f662.css

Request

GET /assets/site-ce808367f662.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Wed, 24 Jan 2024 14:36:34 GMT
etag: 0x8DC1CE9DD833325
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 173735
x-served-by: cache-iad-kiad7000049-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 23, 96
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f8391da9bf1e1844708d8c6995576b00ef7afc6b
content-length: 1076
GET

https://github.githubassets.com/assets/dashboard-eff640980650.css

Request

GET /assets/dashboard-eff640980650.css HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: text/css,*/*;q=0.1
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: style
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: text/css
last-modified: Mon, 08 Apr 2024 09:20:41 GMT
etag: 0x8DC57AD2939F91E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 23642
x-served-by: cache-iad-kcgs7200035-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 2192
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3fbd4d5a391b54e3ec2ce7e50a3d015c0dd5a667
content-length: 45031
GET

https://github.githubassets.com/assets/wp-runtime-3017d22cbef4.js

Request

GET /assets/wp-runtime-3017d22cbef4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 08 Apr 2024 14:54:57 GMT
etag: 0x8DC57DBDBEAE2BE
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 3360
x-served-by: cache-iad-kiad7000100-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 56, 231
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9e5be223d912c4f355e2694351a06e97681541b8
content-length: 12065
GET

https://github.githubassets.com/assets/vendors-node_modules_dompurify_dist_purify_js-6890e890956f.js

Request

GET /assets/vendors-node_modules_dompurify_dist_purify_js-6890e890956f.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 18:24:27 GMT
etag: 0x8DC42C1A6EBE6E7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1811464
x-served-by: cache-iad-kiad7000125-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 11, 1748
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b41389c65b98465603fbfdb45596beda73688704
content-length: 3375
GET

https://github.githubassets.com/assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-7bd350d761f4.js

Request

GET /assets/vendors-node_modules_oddbird_popover-polyfill_dist_popover_js-7bd350d761f4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Oct 2023 17:57:35 GMT
etag: 0x8DBD4BAB3E93C20
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1507105
x-served-by: cache-iad-kiad7000110-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 19, 1722
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cf5ebce3b225aebd04a37b8344a23e1944024d89
content-length: 9184
GET

https://github.githubassets.com/assets/vendors-node_modules_smoothscroll-polyfill_dist_smoothscroll_js-node_modules_stacktrace-parse-a448e4-bb5415637fe0.js

Request

GET /assets/vendors-node_modules_smoothscroll-polyfill_dist_smoothscroll_js-node_modules_stacktrace-parse-a448e4-bb5415637fe0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 21:48:26 GMT
etag: 0x8DC4EA7A20B56D2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 929642
x-served-by: cache-iad-kiad7000056-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 95, 1864
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3ade2d9ab10b42fea51b686ed5f0fcaed8b354b5
content-length: 5082
GET

https://github.githubassets.com/assets/environment-69a406071332.js

Request

GET /assets/environment-69a406071332.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Oct 2023 17:57:35 GMT
etag: 0x8DBD4BAB420D672
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 2187847
x-served-by: cache-iad-kiad7000063-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 3947, 1678
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 97581108f48657d3b3ecce2086d29eb63a7a43f7
content-length: 3584
GET

https://github.githubassets.com/assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c.js

Request

GET /assets/vendors-node_modules_github_selector-observer_dist_index_esm_js-9f960d9b217c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 13 Dec 2023 20:04:22 GMT
etag: 0x8DBFC16B2EB2DBF
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 238214
x-served-by: cache-iad-kcgs7200056-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 87, 1697
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c58d56dd53eb46e4bf051cbc8271f8075b5b106e
content-length: 3555
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-086f7a27bac0.js

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_focus-zone_js-086f7a27bac0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 21:49:43 GMT
etag: 0x8DC5427F8ECE1D0
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 254767
x-served-by: cache-iad-kcgs7200117-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 107, 2615
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: eaadd027c6635b32f482bf0a6728a66841021ce5
content-length: 5756
GET

https://github.githubassets.com/assets/vendors-node_modules_github_relative-time-element_dist_index_js-c76945c5961a.js

Request

GET /assets/vendors-node_modules_github_relative-time-element_dist_index_js-c76945c5961a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 26 Feb 2024 19:17:29 GMT
etag: 0x8DC36FF9311C578
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 194634
x-served-by: cache-iad-kcgs7200020-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 1760
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e040c260dbd220ab1e7ce0d0870ad03098d77102
content-length: 5298
GET

https://github.githubassets.com/assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-bc8f02b96749.js

Request

GET /assets/vendors-node_modules_github_combobox-nav_dist_index_js-node_modules_github_markdown-toolbar-e-820fc0-bc8f02b96749.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 26 Jan 2024 14:37:34 GMT
etag: 0x8DC1E7C55AB5C06
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 304816
x-served-by: cache-iad-kjyo7100082-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 1697
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5d178c04b10126084b7c72b0acf7952d90eae76b
content-length: 4929
GET

https://github.githubassets.com/assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-14eb72583307.js

Request

GET /assets/vendors-node_modules_github_auto-complete-element_dist_index_js-node_modules_github_catalyst_-8e9f78-14eb72583307.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 21:48:24 GMT
etag: 0x8DC4EA7A1209F74
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 929643
x-served-by: cache-iad-kcgs7200039-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 95, 1849
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 39bac406aad579503d036d0c4b5e7c1acfa3c7e3
content-length: 3590
GET

https://github.githubassets.com/assets/vendors-node_modules_github_text-expander-element_dist_index_js-8a621df59e80.js

Request

GET /assets/vendors-node_modules_github_text-expander-element_dist_index_js-8a621df59e80.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 28 Feb 2024 14:37:49 GMT
etag: 0x8DC386AD642C84F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 445902
x-served-by: cache-iad-kcgs7200169-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 49, 1725
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 03ffb54b25e066521a55f82e17a48cabe7d3995f
content-length: 5877
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_stacktrace-parser_dist_stack-443cd5-559829a63de0.js

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_stacktrace-parser_dist_stack-443cd5-559829a63de0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 21:48:25 GMT
etag: 0x8DC4EA7A154945E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 929642
x-served-by: cache-iad-kiad7000087-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 95, 1903
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f442c1cba146e8cc87dc8f9c34775eb335cb797f
content-length: 7467
GET

https://github.githubassets.com/assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-654130b7cde5.js

Request

GET /assets/vendors-node_modules_github_filter-input-element_dist_index_js-node_modules_github_remote-inp-b7d8f4-654130b7cde5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 23 Feb 2024 10:52:50 GMT
etag: 0x8DC345D9433CD2B
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 277965
x-served-by: cache-iad-kcgs7200178-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 1742
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4593790ddcc3b47c91a88a97d9b2f9d21ef927f2
content-length: 3974
GET

https://github.githubassets.com/assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-134c7fee9431.js

Request

GET /assets/vendors-node_modules_github_file-attachment-element_dist_index_js-node_modules_primer_view-co-3959a9-134c7fee9431.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 21:48:25 GMT
etag: 0x8DC4EA7A1544696
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 197566
x-served-by: cache-iad-kcgs7200112-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 95, 1880
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b62d5bd4829be09a0da5064e8ddb0d4eea5db047
content-length: 7559
GET

https://github.githubassets.com/assets/github-elements-b4a56d108039.js

Request

GET /assets/github-elements-b4a56d108039.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 16:33:28 GMT
etag: 0x8DC558E1FCC7313
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 249852
x-served-by: cache-iad-kiad7000070-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 185, 2347
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 84412ae97797aaea7566d8b83c20e60754c7728d
content-length: 8312
GET

https://github.githubassets.com/assets/element-registry-38798b21e7eb.js

Request

GET /assets/element-registry-38798b21e7eb.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Oct 2023 17:57:35 GMT
etag: 0x8DBD4BAB41AC2C2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 276021
x-served-by: cache-iad-kiad7000150-IAD, cache-lcy-eglc8600039-LCY
x-cache: MISS, HIT
x-cache-hits: 0, 1689
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 54ad4c7fd4c8a6cd508ef994783a32ef95928a14
content-length: 4293
GET

https://github.githubassets.com/assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1acb1c-a745699a1cfa.js

Request

GET /assets/vendors-node_modules_github_mini-throttle_dist_index_js-node_modules_stacktrace-parser_dist_s-1acb1c-a745699a1cfa.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 01:28:01 GMT
etag: 0x8DC4F8F79620F56
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 595989
x-served-by: cache-iad-kiad7000059-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 122, 1993
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: f13a64b8b9be16aafa649c3ef70c9b572d39324a
content-length: 21976
GET

https://github.githubassets.com/assets/vendors-node_modules_lit-html_lit-html_js-5b376145beff.js

Request

GET /assets/vendors-node_modules_lit-html_lit-html_js-5b376145beff.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 21 Feb 2024 14:59:32 GMT
etag: 0x8DC32EDB672E4D1
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 108142
x-served-by: cache-iad-kiad7000141-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 95, 1863
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 3cbb59f51c5f77fc16ad60bc94ab6035f307e619
content-length: 2409
GET

https://github.githubassets.com/assets/vendors-node_modules_morphdom_dist_morphdom-esm_js-node_modules_github_memoize_dist_esm_index_js-05801f7ca718.js

Request

GET /assets/vendors-node_modules_morphdom_dist_morphdom-esm_js-node_modules_github_memoize_dist_esm_index_js-05801f7ca718.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 21:49:44 GMT
etag: 0x8DC5427F9280FD9
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 254767
x-served-by: cache-iad-kiad7000046-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 107, 2649
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e6b138e0e5c43525b2569d5ea6a685b4ad81c798
content-length: 15310
GET

https://github.githubassets.com/assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-c91f4ad18b62.js

Request

GET /assets/vendors-node_modules_github_turbo_dist_turbo_es2017-esm_js-c91f4ad18b62.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 21:48:25 GMT
etag: 0x8DC4EA7A19DCE06
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 929642
x-served-by: cache-iad-kjyo7100177-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 95, 1878
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 08367441f347c8e04c4e6cf5af409093c2f99885
content-length: 6784
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_hydro-analytics-clien-b632a3-7938aac89f16.js

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_hydro-analytics-clien-b632a3-7938aac89f16.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 13 Dec 2023 17:40:24 GMT
etag: 0x8DBFC029676217D
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 110064
x-served-by: cache-iad-kiad7000173-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 5294, 1784
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b5e40c49eaa1fa42797b068042d17761d0ca50de
content-length: 21225
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_scroll-anchoring_dist_scro-52dc4b-4fecca2d00e4.js

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_scroll-anchoring_dist_scro-52dc4b-4fecca2d00e4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 11:14:04 GMT
etag: 0x8DC4E4F030B8D97
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1049268
x-served-by: cache-iad-kjyo7100050-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 1882
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 74d97eb08467e990ec2da43c9b959cc1900dfa3c
content-length: 14018
GET

https://github.githubassets.com/assets/vendors-node_modules_color-convert_index_js-72c9fbde5ad4.js

Request

GET /assets/vendors-node_modules_color-convert_index_js-72c9fbde5ad4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 14:33:29 GMT
etag: 0x8DC53EB07B22C21
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 437114
x-served-by: cache-iad-kcgs7200107-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 2065
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b9bc5608f27771c2c7a4a440d1f1a65b56259870
content-length: 4590
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-95b84ee6bc34.js

Request

GET /assets/vendors-node_modules_primer_behaviors_dist_esm_dimensions_js-node_modules_github_jtml_lib_index_js-95b84ee6bc34.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 14:33:21 GMT
etag: 0x8DC53EB02E693D2
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 308299
x-served-by: cache-iad-kjyo7100054-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 2054
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9805b60dcf5cd6590a4a81ea4e1698d46a6d9bca
content-length: 4554
GET

https://github.githubassets.com/assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-ff65ee-c202d20e2d3d.js

Request

GET /assets/vendors-node_modules_github_quote-selection_dist_index_js-node_modules_github_session-resume_-ff65ee-c202d20e2d3d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 16:53:07 GMT
etag: 0x8DC33C6BE772D99
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 244736
x-served-by: cache-iad-kcgs7200158-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 27, 1740
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0c75456d8c0330a2b9d5c47d59f87cc74e1aa966
content-length: 5604
GET

https://github.githubassets.com/assets/ui_packages_jtml-shimmed_jtml-shimmed_ts-ui_packages_safe-storage_safe-storage_ts-19f49df05d21.js

Request

GET /assets/ui_packages_jtml-shimmed_jtml-shimmed_ts-ui_packages_safe-storage_safe-storage_ts-19f49df05d21.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 04 Mar 2024 12:40:38 GMT
etag: 0x8DC3C484B842DBB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 2264353
x-served-by: cache-iad-kjyo7100115-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 17, 1690
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 637c04c00024cd7862938c2ed6ebe626afae4c50
content-length: 3544
GET

https://github.githubassets.com/assets/app_assets_modules_github_updatable-content_ts-ui_packages_hydro-analytics_hydro-analytics_ts-82813f-fb8253d1c2f5.js

Request

GET /assets/app_assets_modules_github_updatable-content_ts-ui_packages_hydro-analytics_hydro-analytics_ts-82813f-fb8253d1c2f5.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 05 Dec 2023 19:17:13 GMT
etag: 0x8DBF5C6C9ABE518
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 289731
x-served-by: cache-iad-kjyo7100150-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 20, 1687
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 5c85807df6516095e4980fee603183294d49a818
content-length: 3294
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-9de4213015af.js

Request

GET /assets/app_assets_modules_github_behaviors_task-list_ts-app_assets_modules_github_onfocus_ts-app_ass-421cec-9de4213015af.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Oct 2023 17:57:34 GMT
etag: 0x8DBD4BAB3AB8E38
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 100437
x-served-by: cache-iad-kcgs7200101-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 2696, 1700
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 1fa8fccd41e4c44ce0297d23025193e4ba17490e
content-length: 5317
GET

https://github.githubassets.com/assets/app_assets_modules_github_sticky-scroll-into-view_ts-94209c43e6af.js

Request

GET /assets/app_assets_modules_github_sticky-scroll-into-view_ts-94209c43e6af.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Feb 2024 08:35:48 GMT
etag: 0x8DC26EE9E81093F
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 171720
x-served-by: cache-iad-kiad7000161-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 178, 1736
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0f8ebea1739cd6fa9bf67ee09d8948ef1c2e0de3
content-length: 5950
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-2e2258-05fd80a7ea89.js

Request

GET /assets/app_assets_modules_github_behaviors_ajax-error_ts-app_assets_modules_github_behaviors_include-2e2258-05fd80a7ea89.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 01 Apr 2024 17:53:29 GMT
etag: 0x8DC5274A35D5952
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 437114
x-served-by: cache-iad-kcgs7200071-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 2032
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: b2501f9d15b2b67980fa0f22b78ef9eb0d04824e
content-length: 6049
GET

https://github.githubassets.com/assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-9285faa0e011.js

Request

GET /assets/app_assets_modules_github_behaviors_commenting_edit_ts-app_assets_modules_github_behaviors_ht-83c235-9285faa0e011.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 06 Feb 2024 08:35:48 GMT
etag: 0x8DC26EE9E556F64
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 929642
x-served-by: cache-iad-kiad7000150-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 95, 1868
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bbc827e30ea1f6874205366afc14e040b215e5e0
content-length: 4486
GET

https://github.githubassets.com/assets/behaviors-5f00c24f2137.js

Request

GET /assets/behaviors-5f00c24f2137.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 14:33:21 GMT
etag: 0x8DC53EB034A3CB4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 437114
x-served-by: cache-iad-kcgs7200083-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 2163
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: da681844083dc2b1b517e70db5d4bda4c9ae89f6
content-length: 67280
GET

https://github.githubassets.com/assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-2ea61fcc9a71.js

Request

GET /assets/vendors-node_modules_delegated-events_dist_index_js-node_modules_github_catalyst_lib_index_js-06ff531-2ea61fcc9a71.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 16:53:07 GMT
etag: 0x8DC33C6BE7816FA
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1058003
x-served-by: cache-iad-kiad7000028-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 27, 1712
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9d26f77eae1ed7878b9118b80fb6eccbd319816a
content-length: 3454
GET

https://github.githubassets.com/assets/notifications-global-6d6db5144cc3.js

Request

GET /assets/notifications-global-6d6db5144cc3.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 21:48:22 GMT
etag: 0x8DC4EA79FCC04B4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 292528
x-served-by: cache-iad-kjyo7100026-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 95, 1862
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 629a1878a7f2798fa98e02710a218f6205d96c6e
content-length: 3664
GET

https://github.githubassets.com/assets/react-lib-1fbfc5be2c18.js

Request

GET /assets/react-lib-1fbfc5be2c18.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 28 Mar 2024 17:47:17 GMT
etag: 0x8DC4F4F1C1658FB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 103908
x-served-by: cache-iad-kjyo7100049-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 100, 50
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 93707db1db75e6760ba84540c11609936df61590
content-length: 154920
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_octicons-react_dist_index_esm_js-node_modules_primer_react_lib-es-541a38-6ce7d7c3f9ee.js

Request

GET /assets/vendors-node_modules_primer_octicons-react_dist_index_esm_js-node_modules_primer_react_lib-es-541a38-6ce7d7c3f9ee.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Oct 2023 17:57:32 GMT
etag: 0x8DBD4BAB2A79ED8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 127975
x-served-by: cache-iad-kcgs7200091-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 2019, 1852
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2796e34993220b202235f665842262078946f61b
content-length: 60628
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-8f8c5e2a2cbf.js

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Box_Box_js-8f8c5e2a2cbf.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 01 Apr 2024 17:53:37 GMT
etag: 0x8DC5274A8A45E14
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 287945
x-served-by: cache-iad-kjyo7100070-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 2041
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ae9a2f600b303e7f0706e62e5caafdcc7aa19a0d
content-length: 3614
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-95a7748e3c39.js

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Button_Button_js-95a7748e3c39.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 08 Feb 2024 11:06:17 GMT
etag: 0x8DC2895F91375BB
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 173569
x-served-by: cache-iad-kjyo7100097-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 128, 1748
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 21075899f72c6d053e9a9d068f668ce5143c1c27
content-length: 4992
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-70d5275ffcb7.js

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_TooltipV2_Tooltip_js-70d5275ffcb7.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 22 Mar 2024 05:07:58 GMT
etag: 0x8DC4A2E0A997005
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 288352
x-served-by: cache-iad-kcgs7200050-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 158, 1990
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 99c47e7daa452848d71af0124f18d58247490483
content-length: 6431
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-b5c64c43d649.js

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_ActionList_index_js-b5c64c43d649.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 19:34:22 GMT
etag: 0x8DC55A7655B8861
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 243481
x-served-by: cache-iad-kjyo7100084-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 116, 2647
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 7dd5e86c927fff64ac9991642945466284429269
content-length: 12047
GET

https://github.githubassets.com/assets/vendors-node_modules_primer_react_lib-esm_Button_IconButton_js-node_modules_primer_react_lib--b964b4-dece718104ce.js

Request

GET /assets/vendors-node_modules_primer_react_lib-esm_Button_IconButton_js-node_modules_primer_react_lib--b964b4-dece718104ce.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 29 Mar 2024 21:43:20 GMT
etag: 0x8DC503940310B2C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 243481
x-served-by: cache-iad-kiad7000094-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 114, 2650
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 6801b8ab3333dd9df15c409037cd359238a3accc
content-length: 6455
GET

https://github.githubassets.com/assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7be102c61d97.js

Request

GET /assets/ui_packages_react-core_create-browser-history_ts-ui_packages_safe-storage_safe-storage_ts-ui_-682c2c-7be102c61d97.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Fri, 05 Apr 2024 19:34:20 GMT
etag: 0x8DC55A763B5E5B4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 243481
x-served-by: cache-iad-kjyo7100061-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 114, 2648
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e5c800dbb790686b788645e209c29695a0356c1a
content-length: 10225
GET

https://github.githubassets.com/assets/keyboard-shortcuts-dialog-548fad62c9fa.js

Request

GET /assets/keyboard-shortcuts-dialog-548fad62c9fa.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 14:33:29 GMT
etag: 0x8DC53EB07B2C7A4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 294625
x-served-by: cache-iad-kcgs7200026-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 6, 2060
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d6d172dac34acdf6fefeb4dff9a64438dc66b302
content-length: 4567
GET

https://github.githubassets.com/assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-99519581d0f8.js

Request

GET /assets/vendors-node_modules_github_remote-form_dist_index_js-node_modules_delegated-events_dist_inde-94fd67-99519581d0f8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 24 Oct 2023 17:57:35 GMT
etag: 0x8DBD4BAB41F03C7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 3486698
x-served-by: cache-iad-kjyo7100068-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 22, 1415
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: bf892ff234f60db8193c6b8243e987ec58ef9651
content-length: 5701
GET

https://github.githubassets.com/assets/sessions-694c8423e347.js

Request

GET /assets/sessions-694c8423e347.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 19 Mar 2024 16:34:30 GMT
etag: 0x8DC483273BA584E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1633521
x-served-by: cache-iad-kjyo7100173-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 53, 1442
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 2bf363d5570b48fe3e966d0e51b97b411d876cfd
content-length: 4554
GET

https://github.githubassets.com/assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-7c5e7b04edd6.js

Request

GET /assets/chunk-app_components_primer_experimental_toggle-switch-element_ts-7c5e7b04edd6.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 16:53:09 GMT
etag: 0x8DC33C6BF8E4146
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 462030
x-served-by: cache-iad-kjyo7100077-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 31, 1600
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 949de2437298015d61f8e5aa8453b926294afbd9
content-length: 621
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-11c80a0-09f82b2af635.js

Request

GET /assets/chunk-vendors-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-node_modules_github_bro-11c80a0-09f82b2af635.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 14:33:22 GMT
etag: 0x8DC53EB03BB4411
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 243134
x-served-by: cache-iad-kjyo7100080-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 1797
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: adbb58ac9dd5d535df47e11189fc863274f4d3f1
content-length: 3231
GET

https://github.githubassets.com/assets/chunk-app_components_search_custom-scopes-element_ts-ui_packages_hydro-analytics_hydro-analytics_ts-d7de0e-b8729ae369ac.js

Request

GET /assets/chunk-app_components_search_custom-scopes-element_ts-ui_packages_hydro-analytics_hydro-analytics_ts-d7de0e-b8729ae369ac.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 27 Mar 2024 21:48:19 GMT
etag: 0x8DC4EA79DA54F07
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 214381
x-served-by: cache-iad-kjyo7100128-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 70, 1632
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4d91347e584811ac2f6c5628287cf12e16721637
content-length: 6146
GET

https://github.githubassets.com/assets/ui_packages_paths_index_ts-271d9b2a45a4.js

Request

GET /assets/ui_packages_paths_index_ts-271d9b2a45a4.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 04 Apr 2024 18:13:05 GMT
etag: 0x8DC54D2DFFD9C40
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 254767
x-served-by: cache-iad-kiad7000124-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 172, 2442
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 4c623e3e0cb416c8c06d3216367d0b8dcf0671ee
content-length: 4771
GET

https://github.githubassets.com/assets/chunk-app_assets_modules_github_jump-to_ts-2641544048b8.js

Request

GET /assets/chunk-app_assets_modules_github_jump-to_ts-2641544048b8.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Tue, 12 Mar 2024 16:25:45 GMT
etag: 0x8DC42B111F56264
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 599412
x-served-by: cache-iad-kcgs7200175-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 42, 1590
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 231fc40d364cb9553ac63b50b57fbb860dd4d790
content-length: 5818
GET

https://github.githubassets.com/assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-e50ab6-fd8396d2490b.js

Request

GET /assets/app_assets_modules_github_blob-anchor_ts-app_assets_modules_github_filter-sort_ts-app_assets_-e50ab6-fd8396d2490b.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 04 Apr 2024 15:21:45 GMT
etag: 0x8DC54BAF08D710C
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 340695
x-served-by: cache-iad-kjyo7100075-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 58, 1993
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: e8c7da295534cb91c6b0d95b21db714d746247a0
content-length: 22898
GET

https://github.githubassets.com/assets/chunk-node_modules_github_mini-throttle_dist_index_js-app_assets_modules_github_onfocus_ts-app_asse-c25cfe-ba427618e10d.js

Request

GET /assets/chunk-node_modules_github_mini-throttle_dist_index_js-app_assets_modules_github_onfocus_ts-app_asse-c25cfe-ba427618e10d.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 16:53:08 GMT
etag: 0x8DC33C6BF675D1A
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1499424
x-served-by: cache-iad-kcgs7200178-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 30, 1523
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: c3b26927ee9f86ed627a2499d45777b4d1b59c8d
content-length: 5654
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-element_cookie-consent-element_ts-6c210391e8f0.js

Request

GET /assets/chunk-ui_packages_cookie-consent-element_cookie-consent-element_ts-6c210391e8f0.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 16:53:09 GMT
etag: 0x8DC33C6BFA558C8
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 215483
x-served-by: cache-iad-kcgs7200048-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 31, 1609
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: cced41cc2ea7899628e2fa7ef5bcea10a042214b
content-length: 3625
GET

https://github.githubassets.com/assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-80fd8ee00406.js

Request

GET /assets/chunk-ui_packages_cookie-consent-link-element_cookie-consent-link-element_ts-80fd8ee00406.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 16:53:09 GMT
etag: 0x8DC33C6BFA4E41E
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 863841
x-served-by: cache-iad-kiad7000140-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 30, 1584
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: d3b195a72af17f31cb8fa01bbb037671494494de
content-length: 3390
GET

https://github.githubassets.com/assets/ui_packages_query-builder-element_query-builder-element_ts-d0a1689468be.js

Request

GET /assets/ui_packages_query-builder-element_query-builder-element_ts-d0a1689468be.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 14:33:29 GMT
etag: 0x8DC53EB07B279D7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 437114
x-served-by: cache-iad-kcgs7200163-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 5, 1798
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ea04e2cff5fa390891405d92b1910e91d23336f0
content-length: 8160
GET

https://github.githubassets.com/assets/chunk-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-ui_packages_hydro-analytics_hyd-c84fa6-07776d7bbd0a.js

Request

GET /assets/chunk-node_modules_stacktrace-parser_dist_stack-trace-parser_esm_js-ui_packages_hydro-analytics_hyd-c84fa6-07776d7bbd0a.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Wed, 03 Apr 2024 14:33:22 GMT
etag: 0x8DC53EB03DDC078
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 386415
x-served-by: cache-iad-kcgs7200020-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 4, 1799
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 656ae7ce7601854ba6bdafc73db61b3ef7f12b4b
content-length: 8298
GET

https://github.githubassets.com/assets/chunk-ui_packages_topic-feeds-toast-trigger-element_topic-feeds-toast-trigger-element_ts-1e4c8391a09e.js

Request

GET /assets/chunk-ui_packages_topic-feeds-toast-trigger-element_topic-feeds-toast-trigger-element_ts-1e4c8391a09e.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 16:53:09 GMT
etag: 0x8DC33C6BFC31F87
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 1122694
x-served-by: cache-iad-kcgs7200158-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 43, 86
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9d3a442c2d99fd935361ba8533b25f165880c764
content-length: 961
GET

https://github.githubassets.com/assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-57f9943adb92.js

Request

GET /assets/chunk-ui_packages_webauthn-get-element_webauthn-get-element_ts-57f9943adb92.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Thu, 22 Feb 2024 16:53:09 GMT
etag: 0x8DC33C6BFC3BB17
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 219441
x-served-by: cache-iad-kjyo7100116-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 31, 1575
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: afe39f741c1f7fbcd908ab00463727291cb34e68
content-length: 3118
GET

https://github.githubassets.com/assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-7ef3071b711c.js

Request

GET /assets/chunk-vendors-node_modules_consent-banner_dist_consent-banner_js-7ef3071b711c.js HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
origin: https://github.com
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: */*
sec-fetch-site: cross-site
sec-fetch-mode: cors
sec-fetch-dest: script
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: application/javascript
last-modified: Mon, 18 Dec 2023 16:53:05 GMT
etag: 0x8DBFFE9CE26CFC7
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-encoding: br
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 2196038
x-served-by: cache-iad-kjyo7100095-IAD, cache-lcy-eglc8600039-LCY
x-cache: HIT, HIT
x-cache-hits: 53, 1542
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 9bc6054bd944212164c226849fe11d9e207ff1ed
content-length: 10740
DNS

github-cloud.s3.amazonaws.com

Request

github-cloud.s3.amazonaws.com

IN A

Response

github-cloud.s3.amazonaws.com

IN CNAME

s3-1-w.amazonaws.com

s3-1-w.amazonaws.com

IN CNAME

s3-w.us-east-1.amazonaws.com

s3-w.us-east-1.amazonaws.com

IN A

54.231.132.193

s3-w.us-east-1.amazonaws.com

IN A

3.5.28.215

s3-w.us-east-1.amazonaws.com

IN A

52.216.93.43

s3-w.us-east-1.amazonaws.com

IN A

3.5.30.167

s3-w.us-east-1.amazonaws.com

IN A

3.5.28.213

s3-w.us-east-1.amazonaws.com

IN A

52.217.65.180

s3-w.us-east-1.amazonaws.com

IN A

3.5.25.190

s3-w.us-east-1.amazonaws.com

IN A

52.216.221.201
DNS

user-images.githubusercontent.com

Request

user-images.githubusercontent.com

IN A

Response

user-images.githubusercontent.com

IN A

185.199.108.133

user-images.githubusercontent.com

IN A

185.199.109.133

user-images.githubusercontent.com

IN A

185.199.110.133

user-images.githubusercontent.com

IN A

185.199.111.133
DNS

repository-images.githubusercontent.com

Request

repository-images.githubusercontent.com

IN A

Response

repository-images.githubusercontent.com

IN A

185.199.108.133

repository-images.githubusercontent.com

IN A

185.199.109.133

repository-images.githubusercontent.com

IN A

185.199.110.133

repository-images.githubusercontent.com

IN A

185.199.111.133
GET

https://repository-images.githubusercontent.com/503188913/d2db8721-4e80-4e57-9f34-faebe32faddf

Request

GET /503188913/d2db8721-4e80-4e57-9f34-faebe32faddf HTTP/2.0
host: repository-images.githubusercontent.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Sat, 26 Aug 2023 03:40:54 GMT
etag: "12dc772e37c28f16540661ec5c1c8e2c"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000
x-amz-version-id: yiOPVUKrxG5FyTwf0KRZ2urClnjOUUlu
content-type: image/png
via: 1.1 varnish, 1.1 varnish
timing-allow-origin: https://github.com
accept-ranges: bytes
age: 1062826
date: Mon, 08 Apr 2024 16:40:04 GMT
x-served-by: cache-iad-kjyo7100116-IAD, cache-lcy-eglc8600043-LCY
x-cache: HIT, HIT
x-cache-hits: 861, 0
x-timer: S1712594405.631191,VS0,VE1
x-fastly-request-id: d8fb72add55920a89d7706f6ed65feff89a848cf
server: GitHub Cloud
content-length: 768242
GET

https://repository-images.githubusercontent.com/507331601/45502b12-c4e5-4687-897e-dc855c242466

Request

GET /507331601/45502b12-c4e5-4687-897e-dc855c242466 HTTP/2.0
host: repository-images.githubusercontent.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Wed, 05 Oct 2022 16:42:25 GMT
etag: "a0aeabca7364ea0b13f35b8c9abd047e"
cache-control: max-age=2592000
x-amz-version-id: ltyyHNL0caWTEYwZVWl6HPrfNS0oNQMh
content-type: image/jpeg
via: 1.1 varnish, 1.1 varnish
timing-allow-origin: https://github.com
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:04 GMT
age: 309449
x-served-by: cache-iad-kcgs7200130-IAD, cache-lcy-eglc8600043-LCY
x-cache: HIT, HIT
x-cache-hits: 704, 3
x-timer: S1712594405.631761,VS0,VE0
x-fastly-request-id: 6c2ed8340c14ccaa1c0641ceba60401b91f1ea55
server: GitHub Cloud
content-length: 362193
GET

https://repository-images.githubusercontent.com/546131782/9a998766-f6f2-4266-802a-a5ba5625a2b8

Request

GET /546131782/9a998766-f6f2-4266-802a-a5ba5625a2b8 HTTP/2.0
host: repository-images.githubusercontent.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Wed, 17 Aug 2022 15:03:31 GMT
etag: "daf7010a4f313c4f0fd4728584f6400c"
cache-control: max-age=2592000
x-amz-version-id: YdGz3f_3Xqb8oX.4krVO7Fwv.rHthknM
content-type: image/png
via: 1.1 varnish, 1.1 varnish
timing-allow-origin: https://github.com
accept-ranges: bytes
age: 3026171
date: Mon, 08 Apr 2024 16:40:04 GMT
x-served-by: cache-iad-kiad7000085-IAD, cache-lcy-eglc8600043-LCY
x-cache: HIT, HIT
x-cache-hits: 522, 0
x-timer: S1712594405.631818,VS0,VE1
x-fastly-request-id: 1275a9f520d788064adced93acdf37f55f04fac3
server: GitHub Cloud
content-length: 42204
GET

https://repository-images.githubusercontent.com/777825693/a84f6d2b-95cd-4213-8c93-474f95e9c0f8

Request

GET /777825693/a84f6d2b-95cd-4213-8c93-474f95e9c0f8 HTTP/2.0
host: repository-images.githubusercontent.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

last-modified: Tue, 26 Mar 2024 18:13:14 GMT
etag: "ea3ff1516a2914d03c8d29191fe5a49e"
x-amz-server-side-encryption: AES256
cache-control: max-age=2592000
x-amz-version-id: .Y.m_11qSDTDzIb1Pv5mG.jMahIE_zsx
content-type: image/png
via: 1.1 varnish, 1.1 varnish
timing-allow-origin: https://github.com
accept-ranges: bytes
age: 1046725
date: Mon, 08 Apr 2024 16:40:04 GMT
x-served-by: cache-iad-kcgs7200024-IAD, cache-lcy-eglc8600043-LCY
x-cache: HIT, HIT
x-cache-hits: 1, 0
x-timer: S1712594405.631738,VS0,VE1
x-fastly-request-id: 6b50f00b5c1cf4a8ee0a5196ead1db3bb1fb9662
server: GitHub Cloud
content-length: 506048
DNS

133.108.199.185.in-addr.arpa

Request

133.108.199.185.in-addr.arpa

IN PTR

Response

133.108.199.185.in-addr.arpa

IN PTR

cdn-185-199-108-133githubcom
DNS

154.108.199.185.in-addr.arpa

Request

154.108.199.185.in-addr.arpa

IN PTR

Response

154.108.199.185.in-addr.arpa

IN PTR

cdn-185-199-108-154githubcom
DNS

collector.github.com

Request

collector.github.com

IN A

Response

collector.github.com

IN CNAME

glb-db52c2cf8be544.github.com

glb-db52c2cf8be544.github.com

IN A

140.82.113.21
GET

https://github.githubassets.com/favicons/favicon.svg

Request

GET /favicons/favicon.svg HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/svg+xml
last-modified: Thu, 19 Oct 2023 22:56:36 GMT
etag: 0x8DBD0F6A5D50EA4
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:05 GMT
age: 137
x-served-by: cache-iad-kiad7000081-IAD, cache-lcy-eglc8600047-LCY
x-cache: HIT, HIT
x-cache-hits: 763472, 3
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 8bc9a46ec14940adcfa41d31245196922d878213
content-length: 959
GET

https://github.githubassets.com/assets/apple-touch-icon-144x144-b882e354c005.png

Request

GET /assets/apple-touch-icon-144x144-b882e354c005.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

cache-control: public, max-age=31536000, immutable
content-type: image/png
last-modified: Thu, 19 Oct 2023 22:56:17 GMT
etag: 0x8DBD0F69A3B5496
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:05 GMT
age: 379666
x-served-by: cache-iad-kiad7000023-IAD, cache-lcy-eglc8600047-LCY
x-cache: HIT, HIT
x-cache-hits: 8, 878
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: 0ffd2cbd2639457ff51967a2ca0521b96481ce82
content-length: 14426
GET

https://github.githubassets.com/favicons/favicon.png

Request

GET /favicons/favicon.png HTTP/2.0
host: github.githubassets.com
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
sec-ch-ua-platform: "Windows"
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
sec-fetch-site: cross-site
sec-fetch-mode: no-cors
sec-fetch-dest: image
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 200

content-type: image/png
last-modified: Thu, 19 Oct 2023 22:56:36 GMT
etag: 0x8DBD0F6A5D47312
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Mon, 08 Apr 2024 16:40:05 GMT
age: 124
x-served-by: cache-iad-kiad7000070-IAD, cache-lcy-eglc8600047-LCY
x-cache: HIT, HIT
x-cache-hits: 290225, 2
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
strict-transport-security: max-age=31536000
x-fastly-request-id: ff7d461968a2ac85811615e65eadd3170f3925f7
content-length: 958
DNS

api.github.com

Request

api.github.com

IN A

Response

api.github.com

IN A

20.26.156.210
POST

https://collector.github.com/github/collect

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 706
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.461704506.1712594403
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Mon, 08 Apr 2024 16:40:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.001751
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E840:5AB6:119E596:27CF43D:66141DE5
POST

https://collector.github.com/github/collect

Request

POST /github/collect HTTP/2.0
host: collector.github.com
content-length: 983
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.461704506.1712594403
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 204

date: Mon, 08 Apr 2024 16:40:05 GMT
access-control-allow-methods: POST,OPTIONS
access-control-allow-headers: Content-Type
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: no-cache
x-runtime: 0.003381
strict-transport-security: max-age=631138519
x-frame-options: DENY
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-github-backend: Kubernetes
x-github-request-id: E840:5AB6:119E596:27CF43C:66141DE5
POST

https://api.github.com/_private/browser/stats

Request

POST /_private/browser/stats HTTP/2.0
host: api.github.com
content-length: 44777
sec-ch-ua: "Chromium";v="106", "Google Chrome";v="106", "Not;A=Brand";v="99"
sec-ch-ua-platform: "Windows"
sec-ch-ua-mobile: ?0
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
content-type: text/plain;charset=UTF-8
accept: */*
origin: https://github.com
sec-fetch-site: same-site
sec-fetch-mode: no-cors
sec-fetch-dest: empty
referer: https://github.com/
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
cookie: _octo=GH1.1.461704506.1712594403
cookie: logged_in=no
cookie: preferred_color_mode=light
cookie: tz=UTC

Response

HTTP/2.0 200

server: GitHub.com
date: Mon, 08 Apr 2024 16:40:05 GMT
content-type: text/plain
content-length: 0
cache-control: no-cache
x-ratelimit-limit: 60
x-ratelimit-remaining: 60
x-ratelimit-reset: 1712598005
x-ratelimit-used: 0
x-ratelimit-resource: core
x-github-media-type: github.v3; format=json
x-github-api-version-selected: 2022-11-28
access-control-expose-headers: ETag, Link, Location, Retry-After, X-GitHub-OTP, X-RateLimit-Limit, X-RateLimit-Remaining, X-RateLimit-Used, X-RateLimit-Resource, X-RateLimit-Reset, X-OAuth-Scopes, X-Accepted-OAuth-Scopes, X-Poll-Interval, X-GitHub-Media-Type, X-GitHub-SSO, X-GitHub-Request-Id, Deprecation, Sunset
access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-frame-options: deny
x-content-type-options: nosniff
x-xss-protection: 0
referrer-policy: origin-when-cross-origin, strict-origin-when-cross-origin
content-security-policy: default-src 'none'
vary: Accept-Encoding, Accept, X-Requested-With
x-github-request-id: E841:32C1AF:1173A76:12BEEAC:66141DE5
DNS

21.113.82.140.in-addr.arpa

Request

21.113.82.140.in-addr.arpa

IN PTR

Response

21.113.82.140.in-addr.arpa

IN PTR

lb-140-82-113-21-iadgithubcom
DNS

210.156.26.20.in-addr.arpa

Request

210.156.26.20.in-addr.arpa

IN PTR

Response
DNS

beacons.gcp.gvt2.com

Request

beacons.gcp.gvt2.com

IN A

Response

beacons.gcp.gvt2.com

IN CNAME

beacons-handoff.gcp.gvt2.com

beacons-handoff.gcp.gvt2.com

IN A

192.178.49.163
DNS

e2c5.gcp.gvt2.com

Request

e2c5.gcp.gvt2.com

IN A

Response

e2c5.gcp.gvt2.com

IN A

34.64.233.111
POST

https://e2c5.gcp.gvt2.com/nel/

Request

POST /nel/ HTTP/2.0
host: e2c5.gcp.gvt2.com
content-length: 501
content-type: application/json; charset=utf-8
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9

Response

HTTP/2.0 204

date: Mon, 08 Apr 2024 16:40:57 GMT
DNS

111.233.64.34.in-addr.arpa

Request

111.233.64.34.in-addr.arpa

IN PTR

Response

111.233.64.34.in-addr.arpa

IN PTR

1112336434bcgoogleusercontentcom
DNS

clients2.google.com

Request

clients2.google.com

IN A

Response

clients2.google.com

IN CNAME

clients.l.google.com

clients.l.google.com

IN A

172.217.16.238
OPTIONS

https://clients2.google.com/domainreliability/upload-nel

Request

OPTIONS /domainreliability/upload-nel HTTP/2.0
host: clients2.google.com
origin: https://beacons.gcp.gvt2.com
access-control-request-method: POST
access-control-request-headers: content-type
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.0.0 Safari/537.36
accept-encoding: gzip, deflate, br
accept-language: en-US,en;q=0.9
DNS

beacons3.gvt2.com

Request

beacons3.gvt2.com

IN A

Response

beacons3.gvt2.com

IN A

172.217.169.3

138.91.171.81:80

156 B
3
104.21.46.75:443

https://krnl.vip/alysse-executor/

tls, http2

chrome.exe

2.6kB
27.6kB
32
44

HTTP Request

GET https://krnl.vip/alysse-executor/

HTTP Response

200
104.21.46.75:443

krnl.vip

tls

chrome.exe

943 B
4.5kB
8
7
172.217.16.238:443

https://translate.google.com/translate_a/element.js?cb=googFooterTranslate

tls, http2

chrome.exe

5.1kB
108.8kB
82
99

HTTP Request

GET https://fundingchoicesmessages.google.com/i/pub-2695670041405697?ers=1

HTTP Request

GET https://translate.google.com/translate_a/element.js?cb=googFooterTranslate
142.250.179.226:443

googleads.g.doubleclick.net

tls, http2

chrome.exe

1.0kB
6.1kB
10
9
172.217.169.42:443

https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSJQnyJ_oyUPoqAxIFDTE9lDASBQ2jG53KEgUNg6hbPRIFDW7dSdk=?alt=proto

tls, http2

chrome.exe

2.1kB
7.3kB
20
21

HTTP Request

GET https://content-autofill.googleapis.com/v1/pages/ChVDaHJvbWUvMTA2LjAuNTI0OS4xMTkSJQnyJ_oyUPoqAxIFDTE9lDASBQ2jG53KEgUNg6hbPRIFDW7dSdk=?alt=proto
142.250.179.226:443

https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&h=250&slotname=9643795113&adk=1139357090&adf=72309546&pi=t.ma~as.9643795113&w=300&lmt=1712594150&format=300x250&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150340&bpp=2&bdt=715&idt=383&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6756936210439&frm=20&pv=1&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=482&ady=929&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=403

tls, http2

chrome.exe

7.0kB
120.1kB
64
106

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&adk=1812271804&adf=3025194257&lmt=1712594150&plaf=7%3A2&plat=1%3A1024%2C2%3A1024%2C3%3A128%2C4%3A128%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32%2C41%3A32%2C42%3A32&format=0x0&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&pra=5&wgl=1&easpi=0&asro=0&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150333&bpp=4&bdt=708&idt=318&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6756936210439&frm=20&pv=2&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fsapi=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=1&uci=a!1&fsb=1&dtd=334

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&h=280&slotname=5157755194&adk=1665831196&adf=1231571052&pi=t.ma~as.5157755194&w=730&fwrn=4&fwrnh=100&lmt=1712594150&rafmt=1&format=730x280&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150337&bpp=3&bdt=712&idt=343&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6756936210439&frm=20&pv=1&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=267&ady=352&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7CeE%7C&abl=CS&pfx=0&fu=128&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=348

HTTP Request

GET https://googleads.g.doubleclick.net/pagead/ads?gdpr=0&client=ca-pub-2695670041405697&output=html&h=250&slotname=9643795113&adk=1139357090&adf=72309546&pi=t.ma~as.9643795113&w=300&lmt=1712594150&format=300x250&url=https%3A%2F%2Fkrnl.vip%2Falysse-executor%2F&wgl=1&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&dt=1712594150340&bpp=2&bdt=715&idt=383&shv=r20240403&mjsv=m202404020101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C730x280&nras=1&correlator=6756936210439&frm=20&pv=1&ga_vid=808377926.1712594151&ga_sid=1712594151&ga_hid=930401239&ga_fc=0&u_tz=0&u_his=1&u_h=720&u_w=1280&u_ah=680&u_aw=1280&u_cd=24&u_sd=1&dmc=8&adx=482&ady=929&biw=1263&bih=609&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759842%2C31082546%2C44785295%2C44798934%2C95329025%2C95329438%2C95320377%2C31082143&oid=2&pvsid=1340682136266379&tmod=2045290731&uas=0&nvt=1&fc=1920&brdim=0%2C0%2C0%2C0%2C1280%2C0%2C1280%2C680%2C1280%2C609&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=0&bc=31&bz=1&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=3&uci=a!3&btvi=1&fsb=1&dtd=403
142.250.179.226:443

googleads.g.doubleclick.net

tls

chrome.exe

931 B
5.0kB
9
7
142.250.179.226:443

googleads.g.doubleclick.net

chrome.exe

98 B
52 B
2
1
142.250.200.33:443

https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/client/window_focus_fy2021.js

tls, http2

chrome.exe

3.6kB
32.9kB
42
40

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/client/qs_click_protection_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/simgad/14719202300581606184/14763004658117789537?w=100&h=100&tw=1&q=75

HTTP Request

GET https://tpc.googlesyndication.com/simgad/15098960672202684288/14763004658117789537?w=400&h=209&tw=1&q=75

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/client/load_preloaded_resource_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/abg_lite_fy2021.js

HTTP Request

GET https://tpc.googlesyndication.com/pagead/js/r20240403/r20110914/client/window_focus_fy2021.js
142.250.200.33:443

tpc.googlesyndication.com

tls

chrome.exe

931 B
4.8kB
9
7
142.250.200.33:443

tpc.googlesyndication.com

tls

chrome.exe

931 B
4.8kB
9
7
142.250.200.33:443

tpc.googlesyndication.com

tls

chrome.exe

931 B
4.8kB
9
7
142.250.200.33:443

tpc.googlesyndication.com

tls

chrome.exe

931 B
4.8kB
9
7
142.250.200.33:443

tpc.googlesyndication.com

tls

chrome.exe

931 B
4.8kB
9
7
104.18.36.155:443

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqFcjrb6wILhUHoJGVDL2s&google_cver=1&gdpr=0

tls, http2

chrome.exe

2.3kB
5.2kB
21
21

HTTP Request

GET https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&gdpr=0&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D

HTTP Request

GET https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESENqFcjrb6wILhUHoJGVDL2s&google_cver=1&gdpr=0

HTTP Response

302

HTTP Response

302
37.252.171.85:443

ib.adnxs.com

tls

chrome.exe

2.3kB
7.2kB
15
16
216.58.213.2:443

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0

tls, http2

chrome.exe

2.4kB
8.2kB
23
24

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm&gdpr=0

HTTP Request

GET https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm&gdpr=0
216.58.213.2:443

cm.g.doubleclick.net

tls, http2

chrome.exe

999 B
6.0kB
9
8
104.18.36.155:443

dsum-sec.casalemedia.com

tls, http2

chrome.exe

943 B
2.9kB
8
6
104.68.68.28:443

https://servedby.flashtalking.com/state/7893657;4674971;0;401;83A2D5CA-BF33-CD8B-FC8B-B81390609BE7/?ft_data=d9:ea350b55508b4cd982f978a8a41ab306;d9s:ea350b55508b4cd982f978a8a41ab306&cachebuster=422423242

tls, http

chrome.exe

3.2kB
7.0kB
19
18

HTTP Request

GET https://servedby.flashtalking.com/imp/8/225407;7893657;201;jsappend;DV360;DV360FY24AcrobatDemandGenPSPDocTypeKeywordsUSDSKBAN300x250/?ftOBA=1&ft_domain=krnl.vip&ft_ifb=1&ft_agentEnv=0&ft_referrer=https://krnl.vip/alysse-executor/&gdpr=0&us_privacy=${US_PRIVACY}&site_url=https://krnl.vip/alysse-executor/&pub_id=1&sup_platform=1&cachebuster=177269.03738313715

HTTP Response

200

HTTP Request

GET https://servedby.flashtalking.com/state/7893657;4674971;0;401;83A2D5CA-BF33-CD8B-FC8B-B81390609BE7/?ft_data=d9:ea350b55508b4cd982f978a8a41ab306;d9s:ea350b55508b4cd982f978a8a41ab306&cachebuster=422423242

HTTP Response

200
18.173.233.72:443

https://ajs-assets.ftstatic.com/ftUtils.js

tls, http2

chrome.exe

2.7kB
33.0kB
36
39

HTTP Request

GET https://ajs-assets.ftstatic.com/ftUtils.js

HTTP Response

200
18.154.63.76:443

https://agen-assets.ftstatic.com/display/7893657/4674971.json

tls, http2

chrome.exe

1.9kB
7.6kB
18
20

HTTP Request

GET https://agen-assets.ftstatic.com/display/7893657/4674971.json

HTTP Response

200
142.250.178.4:443

https://www.google.com/recaptcha/api2/aframe

tls, http2

chrome.exe

2.1kB
8.3kB
20
23

HTTP Request

GET https://www.google.com/recaptcha/api2/aframe
54.75.228.101:443

d9.flashtalking.com

tls

chrome.exe

4.9kB
19.0kB
28
28
72.246.172.44:443

cdn.flashtalking.com

tls

chrome.exe

2.1kB
11.7kB
19
22
72.246.172.44:443

cdn.flashtalking.com

tls

chrome.exe

2.2kB
7.3kB
18
19
72.246.172.44:443

cdn.flashtalking.com

tls

chrome.exe

5.9kB
175.2kB
81
142
18.173.233.75:443

https://js.ad-score.com/nlp-bp.min.js?pid=1000925&tt=g

tls, http

chrome.exe

7.1kB
278.9kB
116
213

HTTP Request

GET https://js.ad-score.com/score.min.js?pid=1000925&tt=g

HTTP Response

200

HTTP Request

GET https://js.ad-score.com/nlp-bp.min.js?pid=1000925&tt=g

HTTP Response

200
72.246.172.44:443

stat.flashtalking.com

tls

chrome.exe

2.1kB
5.9kB
17
17
35.178.94.125:443

ad-events.flashtalking.com

tls

chrome.exe

2.0kB
4.6kB
16
16
72.246.172.44:443

stat.flashtalking.com

tls

chrome.exe

3.1kB
6.4kB
20
19
130.211.115.4:443

data.ad-score.com

tls

chrome.exe

71.8kB
6.7kB
69
36
23.73.139.33:443

code.createjs.com

tls

chrome.exe

4.0kB
71.0kB
52
66
172.217.169.70:443

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js

tls, http2

chrome.exe

2.8kB
36.3kB
36
39

HTTP Request

GET https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.11.5_min.js
72.246.172.44:443

secure.flashtalking.com

tls

chrome.exe

2.2kB
12.0kB
19
22
104.16.114.74:443

www.mediafire.com

tls

chrome.exe

5.5kB
101.5kB
79
133
172.64.103.2:443

https://the.gatekeeperconsent.com/cmp.min.js

tls, http2

chrome.exe

2.1kB
7.1kB
22
23

HTTP Request

GET https://the.gatekeeperconsent.com/cmp.min.js

HTTP Response

200
104.22.74.216:443

https://btloader.com/tag?o=5678961798414336&upapi=true

tls, http2

chrome.exe

2.7kB
25.3kB
35
39

HTTP Request

GET https://btloader.com/tag?o=5678961798414336&upapi=true

HTTP Response

200
172.64.129.8:443

https://www.ezojs.com/ezoic/sa.min.js

tls, http2

chrome.exe

3.4kB
51.1kB
52
53

HTTP Request

GET https://www.ezojs.com/ezoic/sa.min.js

HTTP Response

200
172.64.103.2:443

https://the.gatekeeperconsent.com/v2/config.json?domain=www.mediafire.com&changeLogId=0&cb=0

tls, http2

chrome.exe

2.3kB
8.9kB
24
28

HTTP Request

GET https://privacy.gatekeeperconsent.com/consent_modules.json

HTTP Response

200

HTTP Request

GET https://the.gatekeeperconsent.com/v2/config.json?domain=www.mediafire.com&changeLogId=0&cb=0

HTTP Response

200
18.66.242.6:443

https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

tls, http2

chrome.exe

2.6kB
30.6kB
33
37

HTTP Request

GET https://cdn.amplitude.com/libs/amplitude-8.5.0-min.gz.js

HTTP Response

200
104.16.52.110:443

https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=77734&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=609&res=1280x720&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone

tls, http2

chrome.exe

4.7kB
67.5kB
68
74

HTTP Request

GET https://cdn.otnolatrnup.com/Scripts/infinity.js.aspx?guid=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0

HTTP Response

200

HTTP Request

GET https://otnolatrnup.com/Tag.engine?time=0&id=5ff0fb62-0643-4ff1-aaee-c737f9ffc0e0&rand=77734&ver=async&referrerUrl=&fingerPrint=123&abr=false&stdTime=0&fpe=1&bw=1280&bh=609&res=1280x720&curl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&kw=online%20storage%2Cfree%20storage%2Ccloud%20storage%2Ccollaboration%2Cbackup%20file%20sharing%2Cshare%20files%2Cphoto%20backup%2Cphoto%20sharing%2Cftp%20replacement%2Ccross%20platform%2Cremote%20access%2Cmobile%20access%2Csend%20large%20files%2Crecover%20files%2Cfile%20versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos%20x%2Clinux%2Ciphone

HTTP Response

200
172.67.73.78:443

https://www.mediafiredls.com/adsupply/

tls, http2

chrome.exe

2.4kB
10.3kB
26
30

HTTP Request

GET https://www.mediafiredls.com/adsupply/

HTTP Response

403

HTTP Request

GET https://www.mediafiredls.com/adsupply/

HTTP Response

403
104.16.80.73:443

https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

tls, http2

chrome.exe

2.4kB
13.4kB
27
30

HTTP Request

GET https://static.cloudflareinsights.com/beacon.min.js/v84a3a4012de94ce1a686ba8c167c359c1696973893317

HTTP Response

200
130.211.23.194:443

https://api.btloader.com/mw/state?bt_env=prod

tls, http2

chrome.exe

2.0kB
6.4kB
20
20

HTTP Request

GET https://api.btloader.com/mw/state?bt_env=prod
104.26.3.70:443

ad-delivery.net

tls

chrome.exe

943 B
4.6kB
8
7
104.26.3.70:443

https://ad-delivery.net/px.gif?ch=2

tls, http2

chrome.exe

2.7kB
8.4kB
29
32

HTTP Request

GET https://ad-delivery.net/px.gif?ch=2

HTTP Request

GET https://ad-delivery.net/px.gif?ch=1&e=0.12405474589538112

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://ad-delivery.net/px.gif?ch=1&e=0.4580394173535045

HTTP Request

GET https://ad-delivery.net/px.gif?ch=2

HTTP Response

200

HTTP Response

304
35.181.89.222:443

https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoicHZfZXZlbnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoidGltZV9vbl9wYWdlX2V2ZW50IiwidmFsIjoiNDUifV19XQ==

tls, http2

chrome.exe

21.7kB
15.5kB
66
61

HTTP Request

POST https://g.ezoic.net/saa.go

HTTP Response

200

HTTP Request

POST https://g.ezoic.net/detroitchicago/imp.gif?ez_orig=1

HTTP Response

200

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiI3MjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyNC0wNC0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGQ4MDZhMWMtMDYzNi00NzhhLTc5NmUtMTRkNWM3NjI0MTMxIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2MywiZGF0YSI6W3sibmFtZSI6Im5hdmlnYXRpb25fdHlwZSIsInZhbCI6IjAifSx7Im5hbWUiOiJyZWRpcmVjdF9jb3VudCIsInZhbCI6IjAifV19XQ==

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoicGVyZl9pc190cmFja2VkIiwidmFsIjoiMSJ9LHsibmFtZSI6InBlcmZfbmF2X3RvX2Nvbm5lY3QiLCJ2YWwiOiI0MDIifSx7Im5hbWUiOiJwZXJmX2Nvbm5lY3RfdG9fcmVzcF9zdGFydCIsInZhbCI6IjcwMyJ9LHsibmFtZSI6InBlcmZfcmVzcF90aW1lIiwidmFsIjoiMzc1In0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjE3NCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjU1OCJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxNzYxIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOGQ4MDZhMWMtMDYzNi00NzhhLTc5NmUtMTRkNWM3NjI0MTMxIiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2MywiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9jb250ZW50ZnVsX3BhaW50IiwidmFsIjoiMTAxMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjhkODA2YTFjLTA2MzYtNDc4YS03OTZlLTE0ZDVjNzYyNDEzMSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjMsImRhdGEiOlt7Im5hbWUiOiJjb25uZWN0aW9uX2VmZmVjdGl2ZV90eXBlIiwidmFsIjoiNGcifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjcuOCJ9XX1d

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiI1MCJ9XX1d

HTTP Response

204

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoibGNwX3ZhbHVlIiwidmFsIjoiMjc3NC40In1dfV0=

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoiY2xzX3ZhbHVlIiwidmFsIjoiMCJ9XX1d

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/saa.go

HTTP Response

200

HTTP Request

POST https://g.ezoic.net/detroitchicago/imp.gif?ez_orig=1

HTTP Response

200

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTI4MCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiI3MjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoidF9sb2NhbF9kYXRlIiwidmFsIjoiMjAyNC0wNC0wOCJ9LHsibmFtZSI6InRfbG9jYWxfaG91ciIsInZhbCI6IjE2In0seyJuYW1lIjoidF9sb2NhbF9kYXlfb2Zfd2VlayIsInZhbCI6IjEifSx7Im5hbWUiOiJ0X2xvY2FsX3RpbWV6b25lIiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV90YWciLCJ2YWwiOiJlbi1VUyJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJsYW5ndWFnZV9wcmltYXJ5X3N1YnRhZyIsInZhbCI6ImVuIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImxjcF92YWx1ZSIsInZhbCI6IjEzNTQuNSJ9XX1d

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZmlkX3ZhbHVlIiwidmFsIjoiMTEifV19XQ==

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjUxYTQ4M2JiLTNhNTMtNGU0ZC03MjBlLTBjMzI4YzBmMThmOSIsImRvbWFpbl9pZCI6IjQ4NDQ3MCIsInRfZXBvY2giOjE3MTI1OTQxNjgsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6IjIyIn0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIzMDEifSx7Im5hbWUiOiJwZXJmX3Jlc3BfdGltZSIsInZhbCI6IjYyIn0seyJuYW1lIjoicGVyZl9pbnRlcmFjdGl2ZSIsInZhbCI6IjIwMCJ9LHsibmFtZSI6InBlcmZfY29udGVudGxvYWRlZCIsInZhbCI6IjQ3NiJ9LHsibmFtZSI6InBlcmZfY29tcGxldGUiLCJ2YWwiOiIxMzU3In1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X3BhaW50IiwidmFsIjoiNDAxIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImZpcnN0X2NvbnRlbnRmdWxfcGFpbnQiLCJ2YWwiOiI0MDEifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjcuOTUifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9ydHQiLCJ2YWwiOiI1MCJ9XX1d

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzEyNTk0MTcxODY1In1dfV0=

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiaW5wX3ZhbHVlIiwidmFsIjoiMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiNTFhNDgzYmItM2E1My00ZTRkLTcyMGUtMGMzMjhjMGYxOGY5IiwiZG9tYWluX2lkIjoiNDg0NDcwIiwidF9lcG9jaCI6MTcxMjU5NDE2OCwiZGF0YSI6W3sibmFtZSI6ImlucF9mYWlsaW5nX3ZhbHVlIiwidmFsIjoiMjAwIn0seyJuYW1lIjoiaW5wX2ZhaWxpbmdfaWRlbnRpZmllciIsInZhbCI6IiNkb3dubG9hZEJ1dHRvbiJ9XX1d

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiY2xzX3ZhbHVlIiwidmFsIjoiMCJ9XX1d

HTTP Response

204

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI4ZDgwNmExYy0wNjM2LTQ3OGEtNzk2ZS0xNGQ1Yzc2MjQxMzEiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTYzLCJkYXRhIjpbeyJuYW1lIjoidF91bmxvYWQiLCJ2YWwiOiIxNzEyNTk0MTc2MDEwIn1dfV0=

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZW5nYWdlZF90aW1lIiwidmFsIjoiNSJ9XX1d

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoiZW5nYWdlZF90aW1lIiwidmFsIjoiNiJ9XX1d

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoicHZfZXZlbnRfY291bnQiLCJ2YWwiOiIxIn0seyJuYW1lIjoidGltZV9vbl9wYWdlX2V2ZW50IiwidmFsIjoiMzAifV19XQ==

HTTP Response

204

HTTP Request

POST https://g.ezoic.net/detroitchicago/greenoaks.gif?orig=1&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI1MWE0ODNiYi0zYTUzLTRlNGQtNzIwZS0wYzMyOGMwZjE4ZjkiLCJkb21haW5faWQiOiI0ODQ0NzAiLCJ0X2Vwb2NoIjoxNzEyNTk0MTY4LCJkYXRhIjpbeyJuYW1lIjoicHZfZXZlbnRfY291bnQiLCJ2YWwiOiIyIn0seyJuYW1lIjoidGltZV9vbl9wYWdlX2V2ZW50IiwidmFsIjoiNDUifV19XQ==

HTTP Response

204
172.64.136.15:443

https://go.ezodn.com/porpoiseant/et.js?gcb=195-12&cb=2

tls, http2

chrome.exe

2.5kB
10.4kB
28
28

HTTP Request

GET https://go.ezodn.com/detroitchicago/boise.js?gcb=195-12&cb=5

HTTP Request

GET https://go.ezodn.com/parsonsmaize/abilene.js?gcb=195-12&cb=33

HTTP Request

GET https://go.ezodn.com/porpoiseant/et.js?gcb=195-12&cb=2

HTTP Response

200

HTTP Response

200

HTTP Response

200
172.64.136.15:443

go.ezodn.com

tls, http2

chrome.exe

989 B
4.6kB
9
7
172.64.136.15:443

go.ezodn.com

tls, http2

chrome.exe

989 B
4.6kB
9
7
172.217.16.226:443

https://securepubads.g.doubleclick.net/tag/js/gpt.js

tls, http2

chrome.exe

2.6kB
38.4kB
30
42

HTTP Request

GET https://securepubads.g.doubleclick.net/tag/js/gpt.js
64.233.166.157:443

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-829541-1&cid=1152783976.1712594162&jid=1732191179&gjid=972232376&_gid=57189859.1712594162&_u=YEBAAUAAAAAAACAAI~&z=621751543

tls, http2

chrome.exe

2.2kB
7.2kB
20
21

HTTP Request

POST https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-829541-1&cid=1152783976.1712594162&jid=1732191179&gjid=972232376&_gid=57189859.1712594162&_u=YEBAAUAAAAAAACAAI~&z=621751543
52.43.234.188:443

api.amplitude.com

tls

chrome.exe

5.6kB
6.9kB
22
22
34.120.63.153:443

https://prebid.media.net/rtb/prebid?cid=8CUO2689O

tls, http2

chrome.exe

5.5kB
7.7kB
24
24

HTTP Request

POST https://prebid.media.net/rtb/prebid?cid=8CUO2689O
35.158.241.145:443

btlr.sharethrough.com

tls

chrome.exe

1.1kB
6.1kB
10
11
35.158.241.145:443

btlr.sharethrough.com

tls

chrome.exe

7.9kB
7.7kB
25
25
35.158.241.145:443

btlr.sharethrough.com

tls

chrome.exe

1.1kB
6.1kB
10
11
35.158.241.145:443

btlr.sharethrough.com

tls

chrome.exe

1.1kB
6.1kB
10
11
35.158.241.145:443

btlr.sharethrough.com

tls

chrome.exe

1.1kB
6.1kB
10
11
185.64.190.77:443

https://hbopenbid.pubmatic.com/translator?source=prebid-client

tls, http2

chrome.exe

6.3kB
5.8kB
24
25

HTTP Request

POST https://hbopenbid.pubmatic.com/translator?source=prebid-client

HTTP Response

204

HTTP Request

POST https://hbopenbid.pubmatic.com/translator?source=prebid-client

HTTP Response

204
3.78.168.176:443

https://tlx.3lift.com/header/auction?lib=prebid&v=8.10.0&referrer=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tmax=1000

tls, http2

chrome.exe

7.5kB
7.8kB
30
33

HTTP Request

POST https://tlx.3lift.com/header/auction?lib=prebid&v=8.10.0&referrer=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tmax=1000

HTTP Response

200

HTTP Request

POST https://tlx.3lift.com/header/auction?lib=prebid&v=8.10.0&referrer=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tmax=1000

HTTP Response

200
216.58.201.99:443

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-829541-1&cid=1152783976.1712594162&jid=1732191179&_u=YEBAAUAAAAAAACAAI~&z=785894244

tls, http2

chrome.exe

2.2kB
7.1kB
21
24

HTTP Request

GET https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-829541-1&cid=1152783976.1712594162&jid=1732191179&_u=YEBAAUAAAAAAACAAI~&z=785894244
23.63.101.171:80

http://apps.identrust.com/roots/dstrootcax3.p7c

http

chrome.exe

416 B
1.6kB
6
5

HTTP Request

GET http://apps.identrust.com/roots/dstrootcax3.p7c

HTTP Response

200
52.210.166.25:443

bcp.crwdcntrl.net

tls

chrome.exe

5.0kB
8.9kB
24
28
18.173.233.10:443

https://tags.crwdcntrl.net/lt/c/16589/sync.min.js

tls, http2

chrome.exe

2.7kB
34.3kB
34
42

HTTP Request

GET https://tags.crwdcntrl.net/c/4545/cc_af.js

HTTP Response

200

HTTP Request

GET https://tags.crwdcntrl.net/lt/c/16589/sync.min.js

HTTP Response

200
54.155.211.205:443

ad.crwdcntrl.net

tls

chrome.exe

4.9kB
7.9kB
23
26
142.250.178.14:443

https://www.youtube.com/iframe_api?version=3

tls, http2

chrome.exe

3.0kB
12.0kB
27
31

HTTP Request

POST https://analytics.google.com/g/collect?v=2&tid=G-K68XP6D85D&gtm=45je4430v887485693z86304663za200&_p=1712594161414&_gaz=1&gcd=13l3l3l3l1&npa=0&dma=0&tcfd=1000g&cid=1152783976.1712594162&ul=en-us&sr=1280x720&uaa=x86&uab=64&uafvl=Chromium%3B106.0.5249.119%7CGoogle%2520Chrome%3B106.0.5249.119%7CNot%253BA%253DBrand%3B99.0.0.0&uamb=0&uam=&uap=Windows&uapv=10.0.0&uaw=0&pscdl=noapi&_s=1&sid=1712594162&sct=1&seg=0&dl=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%20V2.apk%2Ffile&dt=Alysse%20V2&en=page_view&_fv=1&_ss=1&up.page_url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&tfd=2226

HTTP Request

GET https://www.youtube.com/iframe_api?version=3
23.53.112.234:443

ads.pubmatic.com

tls

chrome.exe

4.5kB
17.7kB
24
29
76.223.111.18:443

https://eb2.3lift.com/sync?

tls, http2

chrome.exe

2.5kB
7.6kB
27
31

HTTP Request

GET https://eb2.3lift.com/sync?

HTTP Response

200

HTTP Request

GET https://eb2.3lift.com/sync?

HTTP Response

200
72.246.172.22:443

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C3020%2C251%2C233%2C2027%2C237%2C359%2C338%2C459%2C97%2C55%2C77%2C3012%2C3011%2C182%2C262%2C461%2C201%2C246%2C4%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

tls, http2

chrome.exe

2.4kB
14.2kB
22
23

HTTP Request

GET https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUO2689O&prvid=2034%2C2033%2C2030%2C3020%2C251%2C233%2C2027%2C237%2C359%2C338%2C459%2C97%2C55%2C77%2C3012%2C3011%2C182%2C262%2C461%2C201%2C246%2C4%2C203%2C10000%2C108%2C9&itype=PREBID&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1

HTTP Response

200
198.47.127.19:443

https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77943498&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

tls, http2

chrome.exe

18.9kB
98.1kB
95
129

HTTP Request

GET https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=49798663&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=66690409&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Request

GET https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69727988&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302

HTTP Request

GET https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=69448145&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=39167512&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=83023220&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=77943498&p=158936&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200
35.158.241.145:443

btlr.sharethrough.com

tls

chrome.exe

7.7kB
2.0kB
22
20
35.181.89.222:443

https://g.ezoic.net/cmp/log.gif?dId=484470&dcId=4303&version=9&buttonId=2&consentV2=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http2

chrome.exe

3.1kB
4.3kB
18
18

HTTP Request

GET https://g.ezoic.net/cmp/log.gif?dId=484470&dcId=4303&version=9&buttonId=2&consentV2=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200
151.101.1.229:443

https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

tls, http2

chrome.exe

2.0kB
7.1kB
19
22

HTTP Request

GET https://cdn.jsdelivr.net/gh/prebid/shared-id/pubcid.js/docs/pubcid.min.js

HTTP Response

200
104.18.35.167:443

https://cdn-ima.33across.com/ob.js

tls, http2

chrome.exe

2.2kB
12.1kB
24
28

HTTP Request

GET https://cdn-ima.33across.com/ob.js

HTTP Response

200
18.154.67.92:443

https://cdn.prod.uidapi.com/uid2SecureSignal.js

tls, http

chrome.exe

2.0kB
9.4kB
18
19

HTTP Request

GET https://cdn.prod.uidapi.com/uid2SecureSignal.js

HTTP Response

200
104.22.53.86:443

https://cdn.id5-sync.com/api/1.0/esp.js

tls, http2

chrome.exe

2.9kB
34.5kB
41
46

HTTP Request

GET https://cdn.id5-sync.com/api/1.0/esp.js

HTTP Response

200
34.102.146.192:443

https://oa.openxcdn.net/esp.js

tls, http2

chrome.exe

2.3kB
15.1kB
26
27

HTTP Request

GET https://oa.openxcdn.net/esp.js
178.250.1.3:443

https://static.criteo.net/js/ld/publishertag.ids.js

tls, http2

chrome.exe

2.1kB
18.4kB
22
23

HTTP Request

GET https://static.criteo.net/js/ld/publishertag.ids.js

HTTP Response

200
34.96.70.87:443

https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js

tls, http2

chrome.exe

2.1kB
7.9kB
21
23

HTTP Request

GET https://invstatic101.creativecdn.com/encrypted-signals/encrypted-tag-g.js
142.250.180.1:443

https://671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

tls, http2

chrome.exe

2.2kB
10.2kB
21
23

HTTP Request

GET https://671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
34.120.135.53:443

https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&rid=esp

tls, http2

chrome.exe

2.0kB
5.2kB
19
20

HTTP Request

GET https://oajs.openx.net/esp?url=https%3A%2F%2Fwww.mediafire.com%2Ffile%2Fuzn1akdxuvmydla%2FAlysse%2520V2.apk%2Ffile&rid=esp
162.19.138.116:443

https://id5-sync.com/api/esp/increment?counter=no-config

tls, http2

chrome.exe

1.7kB
3.8kB
13
13

HTTP Request

GET https://id5-sync.com/api/esp/increment?counter=no-config

HTTP Response

204
34.98.64.218:443

https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgC35crOywwkZjEb_wLeD4&google_cver=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=

tls, http2

chrome.exe

5.2kB
7.4kB
27
30

HTTP Request

GET https://google-bidout-d.openx.net/w/1.0/pd?plm=5

HTTP Request

GET https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D

HTTP Request

GET https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEHgC35crOywwkZjEb_wLeD4&google_cver=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=
37.252.171.85:443

ib.adnxs.com

tls

chrome.exe

6.3kB
7.8kB
17
18
72.246.173.80:443

https://sync.teads.tv/um?eid=3&uid=CAESELq6vTUe-5Nbom5x5E9vJxk&google_cver=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=

tls, http2

chrome.exe

4.6kB
9.9kB
23
25

HTTP Request

GET https://sync.teads.tv/um?eid=3&uid=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D

HTTP Request

GET https://sync.teads.tv/um?eid=3&uid=CAESELq6vTUe-5Nbom5x5E9vJxk&google_cver=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&addtl_consent=

HTTP Response

200

HTTP Response

302
72.246.173.80:443

sync.teads.tv

tls

chrome.exe

931 B
5.0kB
9
9
142.250.200.2:443

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssykNiVNKZ-QbZ5FffssthEKMae7qUjTOJxc7BwCRkYjj0S2r4_DMxwXw-YrQU4e6yxfQvxDRR0rOGpjgBGJusHT03eOxxu_TFrYroKNb9GvfdHs3Kh8O9J04A7Mlrk4U647UUvrv0ZBoTmRBbxz-pxQ-QvT-sNm7tGnQsg5nDH34dxC6in1A-Z29UMASdOUo_v5fu7tZb5LvrVo7UhFu91cgI-8w3HyyB6Q5aA1TQjRi2XtBvySQfXpPncEEwOF8B78JIW99dCVl5g_aQey9SVk6LFczK3xBKicQhuCnecwswezjryfYgbBBRQWj7ZGDc1devtdjzUMINK7nZEqBkNqxBNG3Isqy1IUbPuKknCazPzCxnBSJ3uGT42Lyu-zcroVWXOuRKV_h6bdS1Wt4cN6WaADugE32KegjMtNl2DEnbL14Gr2BJew_jaNAvhBjg_5q0bDusdiy21flwfNjtDkn_L2iLlxCAiPBaGDoYC-AqMC1pMGnd4iUnrYuqhQ1XMAenBXH_x1ETlNBeKFNQs0whIUNrr_AccAR3q-eDoRv7ngjSxvwzsdotBHYbd4y6yupCXMEAc9dj_b8j3dI4XuXIVIqyPNgou-2XHfp9dXnNS9HVopwT-E_ZtUgZAu1WIF5St76SFq0dA0olRjIHq9Kv8IitfnOekTGyKQZPh3GWStHhsB1-6c9rULeaX-yWyZGAxuJwVD-PaI962txBpXNSocGcoRghanjSvOoE7yON5NNV3eIj1GYfoCO7BVz4tO1da2kVsKgqMFedAk261bSYp21P-yZ1X_Cs6VcWSHA3fOetVgKHG8eo8GM5X19wB0NjT-_hmBhawdSBxpbb8ihxPfp4ntfxz3A5fsvYMItAPOs3Qjj_H8UGzDuutsrXbR2TZVL-SGdoDyMD3S21Q42657FflbqDO8xhQ2WJ13srnJ47PFjAm100Z01XO3vqsqfupqrf6W-MDoRieRJcOVyujDUhY2L3ykFFpMwJhDFEeuvP-RRY5267PrAKtdbI3pMay0be8jhj0TQgoamtTMg8_UqEMF9mc6UKh_MyuHYlEhu61nfEZojlmcsfpfhoXDjmj_lqkPgQSZsrIbMHWlqD9xh9GcSbSUJp7ov42XCl73yQjLKOHEqujLQ2DT9XfSEh7CIchelAAepBIq9FyrwAaRDHKe3LXLWjD2etMFssO8eoa1t_51iyxiFAMAnueA_A52mxpdmW63pyN5i0eCYkPY14ZK_jL2jYAknH2-wOXDKe4nt0lGQ27TbQqPfFM-OH4TB0SkR4tq1DeZCrYnlm3bjjflwMkanWjp6sM4thahWB5YVjnVDLjTyV3Sp0ogMa8lCX7D_j0LyMpoz1UKz5gd3i8ULczIF4UeXg97oqv6iPIR_OQzfW6OxyolqmiAP7BT-owC5Xw-YEgvQ0iM8bbZ8MHRiu7lZiW3B1yIklhkeTmdQY69c0&sai=AMfl-YSQHzEOaIqvGbYOMcC--en8eANBxszuNti7eUB-kHRjERhRMWUaIJP-dPvmN9Cs9cw3FgQ2DwJHa59db7oi5fRTCU_Iww3SJVkjIFEEJoC-2wjJ3D3tJKZShWqytX6UNhBXhTBH8OoXghrQbTRB4WIVk_cItSXpr-YHUeXIz8FHj1xaZFvgxiv3OhZ3BgF2NTea-DmeUaABRXKpQM2MJs2plimLDIxzoBRhvfXdNotcjVK2hZI6AmGqe51XTGNiY-UIHElKatIoczxVNR07ADqW1IrkYIqcHJDolzq1x6UAlBcaNW0ugF7BKewCkfVk_MFUO8J7LieqiwT1YcXgA5R4d4BXEeGQng78EGgj_UaVGSVFsqiHpHDGZQJW1fHPlZdo1-VKhuIfkJdBcBI4-eaTW-PKl8IpvhzN1dzKyAgxTPQ&sig=Cg0ArKJSzPGHFB3TE9G9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=148&cisv=r20240403.29653&arae=0&ftch=1&adurl=

tls, http2

chrome.exe

5.8kB
7.6kB
23
24

HTTP Request

GET https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvLi8xcNtqqzMpgn3gfdbRrKQJ7H8riZk2nDPpauDXlUs9Dmbl-GDbpFsEadqGUzll0qwUcshOQ32j7SY4JxfVQqqtrJsGMFPL032Ju77ALSv0z0RytvUGDCwABLUOqxIWvBBPuZLrQlDQcPu84ytSZ12X_dKm8uYI2XRAIFCLL2iIY-GFaGeCn30kk9VvZsWTRTuInpoBKl-4oNbLgwUdaL1RNDVNf3Jb1T-myy7BWvB88mvKcHfFB0ZqP3eH9yOrnAr95MtCzIDvEr8qmNy1nZhWEOxdNhr1triIFQ7e3PQifcoHCB_3LkAhO-rm59VIk7go5PAEsdn6A3f1Qxn4s7_Z3Aoe_ZRl_z_IR4AhDTZjYQ1xyKDGtSfWbHR6fX_dwoWCEXlIV5oQP4eoIvqcwuwmImJILnCuTtLzjK5eXT9pIY9mDrDHdjKJ3Nreh9hyGCcscu_7s-Tbkd3XTjQeXrVBPB81WnCzl8sOQEbTKcGGxn3kcv6GIIVjiHiN3d_Hpj6OAA95FcnUjT6x9ZuZIDxEJ9X_wQhT1S29LlVEybrkX2yTuvnStMAlqVlFHNt-jMzu3iqhTkM2CsVhjIXAQp_i3vqTEYOBvuMLHKtqRa9wkAlZSu42kuF78UHYTVE0GGqEbK85xbybpm-OQVJ27crukFOEFFeRIGRQHeJtUQqg-d0L3Bq_Lo3PkTXaCLjvhSxdFzrFOW8ARpWlNcQyFmQ6v5ELYFcjCaIeOScQbgMKAwgBEhBbkgvGmXP6ePjgSdhE6euuxSG_Qe0FBbXYmu7nKAtzq5pEK9U4DPxlqqVG7kXduRlft3LH3MpE2MUDKGxkhJB_xb7tf8ANOAEOzfO1I67s_s0EiSEN8kNncGpJH-s6kCuqXy13Yh59_wN3gp8cdByF5Oz636Ebw_GZ_zhA_p1UJ9L4qhbIpVEolTb89j-1wQvgsg6k8KvpP0LprMQ-E1VWAr2Y27ixHuu09ZHgoxbR_RkGdDZMIzLGlIoeG8HfESzny-GZwNZdQJjECZaUdHjO3NifDdPQs17AlPe_N6NA_ZIxryQapTuqYX0wxpCARrgvRGUn0Uid19udVwTgiN_QgAd5S2xofJcciBwvDLnUkabiAine0sdI1gbYlIUZRpOISeL6DDKd557XKmLCH-hPaC19tbEG9AoRFXgG5ND4-VplE1y2W4LIvfdko68pbjPnA45KRi9-wYUALNRZRl499utorDCuUIw-R-Rk2Fljb49KC9IDPIDSW-6QsI5rMlbNPM5cU_UU7Y0ddccZs-XHQV0hGLVZ_Ucp1c_IM3trRP2c1KQRhpCUr03m8Iwx9dQD9qCi8F3cLPx_Dyds2Mr5NA7V9TnYN5DOVfgfn2qtjLfTrbI-Y7prxQsHpJXjAriW3t1i6MlpIoCLPw-d5uD2dUGJPT35iMVoOeHeN94Zv8_OKB702Wsf0CsdLxPBxfzPJJX8&sai=AMfl-YRVY41ifcRgqKqmZj1YtOWwawnbsnZipDuYsJpuuoomQS1mlwuZ9ZW-BstZBslm453W-lSrJRG4x1shRy2JZSMRyV-vKew6G1rWJoPeyNT2BH564eEnjtG0QoGOpmqv37eUiFVOnL_y8Dio6MzlwGXFZlE8CRUd_oRhswu8dcsowyzeXMJQXAZIlN_l8qU7WayO0GhFpfz9MnjWHs0NtOrg0_-DAc6CiOuxl0IxiDbHwkyEaLC4_VErzXP5FUaeZEAZKvi3QKZAjlxnBPLQU6PPHl9OoQD5-I2nibNSQfIrh88A2ootCyuLKn4O3-sOPBWf6gPxiAszWPSq7lC4HjuCvIPW07g4Wolnt_y1-qH8nzuBfXA8aqAu46yY5Ke6CbxDDjAEzQTRtFYmrwHbmOD2hmuaVKJOBWgOJSVOfuEcSa4W9I8&sig=Cg0ArKJSzHe-g_iTvfpsEAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=539&cbvp=1&cstd=529&cisv=r20240403.08383&uach=WyJXaW5kb3dzIiwiMTAuMC4wIiwieDg2IiwiIiwiMTA2LjAuNTI0OS4xMTkiLG51bGwsMCxudWxsLCI2NCIsW1siQ2hyb21pdW0iLCIxMDYuMC41MjQ5LjExOSJdLFsiR29vZ2xlIENocm9tZSIsIjEwNi4wLjUyNDkuMTE5Il0sWyJOb3Q7QT1CcmFuZCIsIjk5LjAuMC4wIl1dLDBd&arae=0&ftch=1&adurl=

HTTP Request

GET https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssykNiVNKZ-QbZ5FffssthEKMae7qUjTOJxc7BwCRkYjj0S2r4_DMxwXw-YrQU4e6yxfQvxDRR0rOGpjgBGJusHT03eOxxu_TFrYroKNb9GvfdHs3Kh8O9J04A7Mlrk4U647UUvrv0ZBoTmRBbxz-pxQ-QvT-sNm7tGnQsg5nDH34dxC6in1A-Z29UMASdOUo_v5fu7tZb5LvrVo7UhFu91cgI-8w3HyyB6Q5aA1TQjRi2XtBvySQfXpPncEEwOF8B78JIW99dCVl5g_aQey9SVk6LFczK3xBKicQhuCnecwswezjryfYgbBBRQWj7ZGDc1devtdjzUMINK7nZEqBkNqxBNG3Isqy1IUbPuKknCazPzCxnBSJ3uGT42Lyu-zcroVWXOuRKV_h6bdS1Wt4cN6WaADugE32KegjMtNl2DEnbL14Gr2BJew_jaNAvhBjg_5q0bDusdiy21flwfNjtDkn_L2iLlxCAiPBaGDoYC-AqMC1pMGnd4iUnrYuqhQ1XMAenBXH_x1ETlNBeKFNQs0whIUNrr_AccAR3q-eDoRv7ngjSxvwzsdotBHYbd4y6yupCXMEAc9dj_b8j3dI4XuXIVIqyPNgou-2XHfp9dXnNS9HVopwT-E_ZtUgZAu1WIF5St76SFq0dA0olRjIHq9Kv8IitfnOekTGyKQZPh3GWStHhsB1-6c9rULeaX-yWyZGAxuJwVD-PaI962txBpXNSocGcoRghanjSvOoE7yON5NNV3eIj1GYfoCO7BVz4tO1da2kVsKgqMFedAk261bSYp21P-yZ1X_Cs6VcWSHA3fOetVgKHG8eo8GM5X19wB0NjT-_hmBhawdSBxpbb8ihxPfp4ntfxz3A5fsvYMItAPOs3Qjj_H8UGzDuutsrXbR2TZVL-SGdoDyMD3S21Q42657FflbqDO8xhQ2WJ13srnJ47PFjAm100Z01XO3vqsqfupqrf6W-MDoRieRJcOVyujDUhY2L3ykFFpMwJhDFEeuvP-RRY5267PrAKtdbI3pMay0be8jhj0TQgoamtTMg8_UqEMF9mc6UKh_MyuHYlEhu61nfEZojlmcsfpfhoXDjmj_lqkPgQSZsrIbMHWlqD9xh9GcSbSUJp7ov42XCl73yQjLKOHEqujLQ2DT9XfSEh7CIchelAAepBIq9FyrwAaRDHKe3LXLWjD2etMFssO8eoa1t_51iyxiFAMAnueA_A52mxpdmW63pyN5i0eCYkPY14ZK_jL2jYAknH2-wOXDKe4nt0lGQ27TbQqPfFM-OH4TB0SkR4tq1DeZCrYnlm3bjjflwMkanWjp6sM4thahWB5YVjnVDLjTyV3Sp0ogMa8lCX7D_j0LyMpoz1UKz5gd3i8ULczIF4UeXg97oqv6iPIR_OQzfW6OxyolqmiAP7BT-owC5Xw-YEgvQ0iM8bbZ8MHRiu7lZiW3B1yIklhkeTmdQY69c0&sai=AMfl-YSQHzEOaIqvGbYOMcC--en8eANBxszuNti7eUB-kHRjERhRMWUaIJP-dPvmN9Cs9cw3FgQ2DwJHa59db7oi5fRTCU_Iww3SJVkjIFEEJoC-2wjJ3D3tJKZShWqytX6UNhBXhTBH8OoXghrQbTRB4WIVk_cItSXpr-YHUeXIz8FHj1xaZFvgxiv3OhZ3BgF2NTea-DmeUaABRXKpQM2MJs2plimLDIxzoBRhvfXdNotcjVK2hZI6AmGqe51XTGNiY-UIHElKatIoczxVNR07ADqW1IrkYIqcHJDolzq1x6UAlBcaNW0ugF7BKewCkfVk_MFUO8J7LieqiwT1YcXgA5R4d4BXEeGQng78EGgj_UaVGSVFsqiHpHDGZQJW1fHPlZdo1-VKhuIfkJdBcBI4-eaTW-PKl8IpvhzN1dzKyAgxTPQ&sig=Cg0ArKJSzPGHFB3TE9G9EAE&uach_m=%5BUACH%5D&pr=missingexchangepricemacro&fbs_aeid=%5Bgw_fbsaeid%5D&urlfix=1&omid=0&rm=1&ctpt=151&cbvp=1&cstd=148&cisv=r20240403.29653&arae=0&ftch=1&adurl=
142.250.200.2:443

googleads4.g.doubleclick.net

tls, http2

chrome.exe

999 B
6.0kB
9
8
178.250.1.11:443

https://gum.criteo.com/sid/json?origin=publishertagids&domain=mediafire.com&sn=ChromeSyncframe&so=0&topUrl=www.mediafire.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

tls, http2

chrome.exe

4.7kB
11.3kB
20
18

HTTP Request

GET https://gum.criteo.com/syncframe?origin=publishertagids&topUrl=www.mediafire.com&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---&gpp=&gpp_sid=-1

HTTP Response

200

HTTP Request

GET https://gum.criteo.com/sid/json?origin=publishertagids&domain=mediafire.com&sn=ChromeSyncframe&so=0&topUrl=www.mediafire.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0

HTTP Response

200
199.91.155.130:443

https://download2389.mediafire.com/sa2xsaqut4kggNYApg1aBN_OjX_HyLfI4rh-m2xeA-x79D7EiqqX9DTd5MjXcq9V8urrpESyEBPQJkeLQWTQFcdGJ1rQggkCfZZaNlsiOMeVa2ONb66qi344mo2rb8iGgsWGJKyz80wuPioau9NiKpYiK4u4DF_l3Iu2-b1lgLBk/uzn1akdxuvmydla/Alysse+V2.apk

tls, http

chrome.exe

2.7MB
145.0MB
56715
103774

HTTP Request

GET https://download2389.mediafire.com/sa2xsaqut4kggNYApg1aBN_OjX_HyLfI4rh-m2xeA-x79D7EiqqX9DTd5MjXcq9V8urrpESyEBPQJkeLQWTQFcdGJ1rQggkCfZZaNlsiOMeVa2ONb66qi344mo2rb8iGgsWGJKyz80wuPioau9NiKpYiK4u4DF_l3Iu2-b1lgLBk/uzn1akdxuvmydla/Alysse+V2.apk

HTTP Response

200
199.91.155.130:443

download2389.mediafire.com

tls

chrome.exe

989 B
4.8kB
9
10
104.16.53.110:80

http://otnolatrnup.com/hideref.engine?d=https%3A%2F%2Fworeppercomming.com%2F90c1a7c4-9526-4fe6-befc-18062e96619e%3Fcampaignname%3D2_OperaGX%26placementname%3D2_OperaGX_UK_Win_101%26bid%3D6.785%26totalcpv%3D0.006785%26channel%3DFile%2BHosting%2B%2526%2BSharing%26subchannel%3DFile%2BHosting%2B%2526%2BSharing%26medianame%3D2_OperaGX_WW_5.22%26keywords%3Donline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%2Conline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%26sourceid%3D101%26domainid%3D1%26cpv%3D0.006785%26s2sParam%3Dac1e93e9-440e-4e0e-a7a3-83caf7ed464c

http

chrome.exe

2.1kB
1.9kB
14
12

HTTP Request

GET http://otnolatrnup.com/hideref.engine?d=https%3A%2F%2Fworeppercomming.com%2F90c1a7c4-9526-4fe6-befc-18062e96619e%3Fcampaignname%3D2_OperaGX%26placementname%3D2_OperaGX_UK_Win_101%26bid%3D6.785%26totalcpv%3D0.006785%26channel%3DFile%2BHosting%2B%2526%2BSharing%26subchannel%3DFile%2BHosting%2B%2526%2BSharing%26medianame%3D2_OperaGX_WW_5.22%26keywords%3Donline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%2Conline+storage%2Cfree+storage%2Ccloud+storage%2Ccollaboration%2Cbackup+file+sharing%2Cshare+files%2Cphoto+backup%2Cphoto+sharing%2Cftp+replacement%2Ccross+platform%2Cremote+access%2Cmobile+access%2Csend+large+files%2Crecover+files%2Cfile+versioning%2Cundelete%2Cwindows%2Cpc%2Cmac%2Cos+x%2Clinux%2Ciphone%26sourceid%3D101%26domainid%3D1%26cpv%3D0.006785%26s2sParam%3Dac1e93e9-440e-4e0e-a7a3-83caf7ed464c

HTTP Response

302
104.16.53.110:80

otnolatrnup.com

chrome.exe

190 B
132 B
4
3
18.173.233.49:443

https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e/2?campaignname=2_OperaGX&placementname=2_OperaGX_UK_Win_101&bid=6.785&totalcpv=0.006785&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=1&cpv=0.006785&s2sParam=ac1e93e9-440e-4e0e-a7a3-83caf7ed464c

tls, http2

chrome.exe

3.6kB
8.6kB
20
21

HTTP Request

GET https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e?campaignname=2_OperaGX&placementname=2_OperaGX_UK_Win_101&bid=6.785&totalcpv=0.006785&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=1&cpv=0.006785&s2sParam=ac1e93e9-440e-4e0e-a7a3-83caf7ed464c

HTTP Response

307

HTTP Request

GET https://woreppercomming.com/90c1a7c4-9526-4fe6-befc-18062e96619e/2?campaignname=2_OperaGX&placementname=2_OperaGX_UK_Win_101&bid=6.785&totalcpv=0.006785&channel=File%20Hosting%20&%20Sharing&subchannel=File%20Hosting%20&%20Sharing&medianame=2_OperaGX_WW_5.22&keywords=online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone,online%20storage,free%20storage,cloud%20storage,collaboration,backup%20file%20sharing,share%20files,photo%20backup,photo%20sharing,ftp%20replacement,cross%20platform,remote%20access,mobile%20access,send%20large%20files,recover%20files,file%20versioning,undelete,windows,pc,mac,os%20x,linux,iphone&sourceid=101&domainid=1&cpv=0.006785&s2sParam=ac1e93e9-440e-4e0e-a7a3-83caf7ed464c

HTTP Response

302
172.67.174.4:443

www.ovardu.com

tls, http2

chrome.exe

1.0kB
5.2kB
10
9
178.250.1.9:443

https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

tls, http2

chrome.exe

4.6kB
8.4kB
18
16

HTTP Request

GET https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

HTTP Response

302

HTTP Request

GET https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@

HTTP Response

302
67.220.226.233:443

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&dcc=t

tls, http

chrome.exe

6.3kB
11.0kB
24
26

HTTP Request

GET https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302

HTTP Request

GET https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&dcc=t

HTTP Response

200
185.64.191.210:443

https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRSWXMnUYRWgUXRTa&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http2

chrome.exe

43.1kB
17.3kB
94
117

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1598037658714274150&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1598037658714274150&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=CAESEPCLHfxFPRQOOroR7wzbEdM&google_cver=1

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=c2f4c7f3-e4cf-4075-8d4a-e572bef7dcea&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=3975872950728440512

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=3QtqqtpZa__GDmOn0w92p94Fbv3GBTr7ili9INri

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7355536101821839502&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=7b97560b-443e-4085-8d78-fa4268abdc5d&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr_pd=&us_privacy=

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=oDHTg3vfVxNfj2Iimit6yL9l0Sc&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=2938864279918275978

HTTP Response

200

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNTQmdGw9NDMyMDA%3D&piggybackCookie=VoOMKKGAC0P1-4uUuLK9WMwWvZ86hrpGfwZ1IG9MwhA&pi=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MTI5NjAw&piggybackCookie=c1187760-8c8e-4a62-abfe-207485a43242-66141d1e-5553&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTQ2MSZ0bD0xMDA4MA==&piggybackCookie=AAAIMYyCsDgzHAN6TlRBAAAAAAA&expiration=1712680607&nuid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&is_secure=true&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7263111511922957154&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=

HTTP Response

200

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA=&piggybackCookie=OPU70bef5913bdb49f5981b668b6a30356a

HTTP Response

200

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=2554565571426866805

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzcmdGw9ODY0MDA=&piggybackCookie=37883803181144&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAGz0E7MKDoAABXnInPt6g&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&gdpr=1&piggybackCookie=uid:d68bcc1c-191d-47c5-9b32-fc70409aa188&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzMDEmdGw9MTI5NjAw&piggybackCookie=428af14e-f5c6-11ee-a000-e28a488a8b00

HTTP Response

200

HTTP Request

GET https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-bf21b128-10ea-4bea-b586-f21a606463ba-003&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=tk2EoAPtRSWXMnUYRWgUXRTa&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200
185.64.191.210:443

simage2.pubmatic.com

tls

chrome.exe

977 B
4.8kB
10
8
67.220.226.233:443

https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http

chrome.exe

3.3kB
1.5kB
9
8

HTTP Request

GET https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200
52.215.200.207:443

a.audrte.com

tls

chrome.exe

3.4kB
10.2kB
13
15
52.215.200.207:443

a.audrte.com

tls

chrome.exe

3.4kB
10.2kB
13
15
34.111.129.221:443

https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http2

chrome.exe

3.3kB
7.0kB
22
21

HTTP Request

GET https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
52.223.40.198:443

match.adsrvr.org

tls

chrome.exe

11.5kB
21.0kB
71
79
52.49.52.84:443

pr-bh.ybp.yahoo.com

tls

chrome.exe

4.9kB
7.0kB
21
24
52.49.52.84:443

pr-bh.ybp.yahoo.com

tls

chrome.exe

1.1kB
4.1kB
9
9
34.91.62.186:443

um.simpli.fi

tls

chrome.exe

10.0kB
19.2kB
59
50
37.157.5.132:443

c1.adform.net

tls

chrome.exe

6.4kB
10.8kB
24
29
3.71.149.231:443

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&verify=true

tls, http2

chrome.exe

7.2kB
10.5kB
24
25

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=678B240F-A923-4EC7-8BA2-5658AC011D78&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&verify=true

HTTP Request

GET https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&redir=true&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&verify=true
3.71.149.231:443

ups.analytics.yahoo.com

tls

chrome.exe

1.1kB
5.2kB
10
10
198.47.127.20:443

https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

tls, http2

chrome.exe

14.8kB
7.7kB
40
46

HTTP Request

GET https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J4chG_RE2uUH8XjcvJN7Byycl7tUqLc-~A&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-J4chG_RE2uUH8XjcvJN7Byycl7tUqLc-~A&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200

HTTP Request

GET https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200

HTTP Request

GET https://simage4.pubmatic.com/AdServer/SPug?partnerID=158936&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&us_privacy=1---

HTTP Response

200
34.111.131.239:443

https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9655CB93-E9CA-4AF8-A1D5-5834E2E93909

tls, http2

chrome.exe

2.1kB
5.6kB
19
18

HTTP Request

GET https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=9655CB93-E9CA-4AF8-A1D5-5834E2E93909
54.172.158.143:443

sync.srv.stackadapt.com

tls

chrome.exe

2.9kB
9.5kB
15
15
35.214.149.91:443

x.bidswitch.net

tls

chrome.exe

2.0kB
4.1kB
12
11
91.228.74.244:443

cms.quantserve.com

tls

chrome.exe

3.9kB
7.1kB
20
24
3.248.140.44:443

pm.w55c.net

tls

chrome.exe

3.2kB
7.8kB
16
14
193.0.160.130:443

a.rfihub.com

tls

chrome.exe

2.2kB
8.0kB
16
19
35.214.168.80:443

https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmRRsy6i4zndN5VnV7PlOkJ34KHGh0aQM_d5QCliJ3_oWc0rSGbwbAS_FiekYH2UZrZonDIQoIms2ND84VquHO2BTXiTlGBDO0c

tls, http2

chrome.exe

3.0kB
6.7kB
27
30

HTTP Request

GET https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmR7AuIFu6M7BAQzjWShRKJil3Pa7rAi1vITz0YJmZGb_J3Jh-YzzYubI9-JZoN66HP5-klE3QDt2Mb1SfDjrk5gML38z6-HzSfm

HTTP Request

GET https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmRv0EMVC6-Ce3VNemRyppsUyuhiRLjBlHR8RTTTShWp6XtLTil3DC_bQtyg2odE71Muv-fwnNBMpYaUtACDSOjEn6_lpocCEjI

HTTP Request

GET https://gtrace.mediago.io/ju/cs/google?google_gid=CAESEHLzvuEBk6TPsnDxPd1hVOs&google_cver=1&google_push=AXcoOmRRsy6i4zndN5VnV7PlOkJ34KHGh0aQM_d5QCliJ3_oWc0rSGbwbAS_FiekYH2UZrZonDIQoIms2ND84VquHO2BTXiTlGBDO0c
3.248.140.44:443

pm.w55c.net

tls

chrome.exe

4.2kB
8.8kB
17
15
35.214.149.91:443

x.bidswitch.net

tls

chrome.exe

30.8kB
18.0kB
64
44
54.172.158.143:443

sync.srv.stackadapt.com

tls

chrome.exe

2.0kB
7.7kB
12
12
193.0.160.130:443

a.rfihub.com

tls

chrome.exe

3.4kB
9.2kB
18
21
35.214.168.80:443

gtrace.mediago.io

tls

chrome.exe

931 B
3.8kB
9
7
185.184.8.90:443

https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http2

chrome.exe

3.9kB
8.2kB
24
22

HTTP Request

GET https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEJsjPJCfnDgEE49hR7VIvfE&google_cver=1&google_push=AXcoOmT_CH3RfodRWwe8w_9nhBPI_rWCuybB7vxXi-JVEMqko5OZE8BIciHjfli73R6hlljY7PzNa1CcGvHne2wWtudyK5Za2g2AlA

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=adxab&google_nid=rtb_house&google_gid=CAESEJsjPJCfnDgEE49hR7VIvfE&google_cver=1&google_push=AXcoOmT_CH3RfodRWwe8w_9nhBPI_rWCuybB7vxXi-JVEMqko5OZE8BIciHjfli73R6hlljY7PzNa1CcGvHne2wWtudyK5Za2g2AlA&tc=1

HTTP Response

302

HTTP Request

GET https://creativecdn.com/cm-notify?pi=pubmatic&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302
3.248.140.44:443

pm.w55c.net

tls

chrome.exe

930 B
520 B
8
8
54.172.158.143:443

sync.srv.stackadapt.com

tls

chrome.exe

884 B
460 B
7
7
174.137.133.49:443

dsp.adkernel.com

tls

chrome.exe

19.5kB
10.4kB
46
33
178.250.1.9:443

https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR2CzCwkFGMDmeg59GqDB_qjitdCrUPdKtRxepBjPHEB0OtKtmP5I4WscQJWgoEnGbZwG9yLg5RAjg_VVKZx_2RkJie0Ssm9A&google_gid=CAESEA0Z0RB1HlQKYEzKPTiRswE&google_cver=1

tls, http2

chrome.exe

2.3kB
1.9kB
12
11

HTTP Request

GET https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmQF4Wf_aaAADLx3mcpS5_bjVnJY5wZI_dFURVlcdRi1DLkvwDdcf0Z-caiKefm_4PrSNmGdOfiXeB0DQeExlpLQimQXLU12wg&google_gid=CAESEA0Z0RB1HlQKYEzKPTiRswE&google_cver=1

HTTP Response

302

HTTP Request

GET https://dis.criteo.com/dis/usersync.aspx?r=4&p=14&cp=google&cu=1&url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcjp%26google_hm%3D%40%40CRITEO_USERID%40%40%26google_push%3DAXcoOmR2CzCwkFGMDmeg59GqDB_qjitdCrUPdKtRxepBjPHEB0OtKtmP5I4WscQJWgoEnGbZwG9yLg5RAjg_VVKZx_2RkJie0Ssm9A&google_gid=CAESEA0Z0RB1HlQKYEzKPTiRswE&google_cver=1

HTTP Response

302
34.96.105.8:443

https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC5zVKccELJQGsJ-qrczmsI&google_cver=1&google_push=AXcoOmTSBG_2esGAAj-5hBCAAhLzFRvvlTSNk2gF1Ct2pXqSgHeH3W9rW1Uv65_zOEGhPRswjHIOcYN4wiVEJitiI1qGaGG23fI9e3I

tls, http2

chrome.exe

2.2kB
6.5kB
20
21

HTTP Request

GET https://tr.blismedia.com/v1/api/sync/AdxPixel?google_gid=CAESEC5zVKccELJQGsJ-qrczmsI&google_cver=1&google_push=AXcoOmTSBG_2esGAAj-5hBCAAhLzFRvvlTSNk2gF1Ct2pXqSgHeH3W9rW1Uv65_zOEGhPRswjHIOcYN4wiVEJitiI1qGaGG23fI9e3I
89.207.16.140:443

dclk-match.dotomi.com

tls

chrome.exe

8.3kB
7.9kB
53
36
51.89.9.252:443

https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKjQ40e9Bh9934kHs_h3PR8&google_cver=1&google_push=AXcoOmSumd0sbJa8kZUhyGWvt4gEMYtjLq11FM_iUFPwgWVaPMwDtjrVdd-ooHqWjJ8ziwmVryfOebR20qVSWS0P8aMgVAe7iXX_bw

tls, http2

chrome.exe

2.1kB
4.7kB
15
13

HTTP Request

GET https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKjQ40e9Bh9934kHs_h3PR8&google_cver=1&google_push=AXcoOmTyTtSMJF9lAHgnT6muj_vGHhy16O9kHho9bJ3uifpKS7jW3dfHgkvs5vxVLGWNMOpjOwNwmfHDEImX6ob4vB-NWlvmRI3NfCs

HTTP Response

302

HTTP Request

GET https://onetag-sys.com/match/?int_id=19&redir=1&google_gid=CAESEKjQ40e9Bh9934kHs_h3PR8&google_cver=1&google_push=AXcoOmSumd0sbJa8kZUhyGWvt4gEMYtjLq11FM_iUFPwgWVaPMwDtjrVdd-ooHqWjJ8ziwmVryfOebR20qVSWS0P8aMgVAe7iXX_bw

HTTP Response

302
46.228.164.11:443

https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK_hn3jfmVrf60JN03kV63Q&google_cver=1

tls, http2

chrome.exe

2.2kB
8.1kB
18
18

HTTP Request

GET https://ad.turn.com/r/cs?pid=3&google_gid=CAESEK_hn3jfmVrf60JN03kV63Q&google_cver=1&google_push=AXcoOmTbGdh2NZIdJoMRSbMFgfIjjecL9vLUHjXrnHsYRrC02BHJ415q7Y546QP0gbRbRm5McgHU7vC3orS--gRVHaFmyX8hU-xhmg

HTTP Response

302

HTTP Request

GET https://r.turn.com/r/cms/id/0/ddc/1/pid/18/uid/?gdpr=&gdpr_consent=&google_gid=CAESEK_hn3jfmVrf60JN03kV63Q&google_cver=1

HTTP Response

200
104.18.25.173:443

https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

tls, http2

chrome.exe

3.9kB
8.4kB
27
31

HTTP Request

GET https://a.tribalfusion.com/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

HTTP Request

GET https://a.tribalfusion.com/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

HTTP Response

302

HTTP Request

GET https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmQf4UjGMDtTyau7iiDTQBeUzsA-NAcFWX5MWhJSipqhCHSseZDBOYwiJ0cvvBrWW-cSzV4JR4Qr9ij4EOcWY2nCD5v-cvcDEQ%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

HTTP Response

302

HTTP Request

GET https://s.tribalfusion.com/z/i.match?p=b6&u=CAESEGwsIY7rXs5RojyXticukdQ&google_cver=1&google_push=AXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE&redirect=https%3A//cm.g.doubleclick.net/pixel%3Fgoogle_nid%3Dexp%26google_push%3DAXcoOmT1_hEnA8HLvQbDec0MrqybbmbtsPM4HVNwmJC95r5_OYKOjUn7-7CS2LinHDGzaxVOASjTCQ2A7HGu9G1ID1rGfwGX7AnwPtE%26google_ula%3D2786954%26google_hm%3D%24TF_USER_ID_ENC%24

HTTP Response

200

HTTP Response

200
50.31.142.255:443

b1sync.zemanta.com

tls

chrome.exe

3.7kB
6.9kB
13
11
50.31.142.255:443

b1sync.zemanta.com

tls

chrome.exe

2.0kB
4.9kB
11
9
50.31.142.255:443

b1sync.zemanta.com

tls

chrome.exe

1.0kB
3.9kB
8
8
50.31.142.255:443

b1sync.zemanta.com

tls

chrome.exe

1.0kB
3.9kB
8
8
104.21.49.80:443

https://k-storage.com/uwp/Krnl.exe

tls, http2

chrome.exe

2.2kB
13.6kB
24
29

HTTP Request

GET https://k-storage.com/uwp/Krnl.exe

HTTP Response

521
174.137.133.49:443

dsp.adkernel.com

tls

chrome.exe

889 B
531 B
7
8
54.172.158.143:443

sync.srv.stackadapt.com

tls

chrome.exe

3.9kB
4.0kB
11
9
18.158.116.115:443

sonata-notifications.taptapnetworks.com

tls

chrome.exe

3.3kB
8.1kB
18
19
85.114.159.118:443

dsp.adfarm1.adition.com

tls

chrome.exe

3.4kB
6.0kB
13
11
193.0.160.130:443

p.rfihub.com

tls

chrome.exe

4.1kB
7.8kB
17
20
151.101.2.49:443

sync-tm.everesttech.net

tls

chrome.exe

5.2kB
9.5kB
25
27
77.243.51.121:443

https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&sInitiator=external&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http

chrome.exe

5.7kB
6.6kB
16
15

HTTP Request

GET https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&sInitiator=external&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302

HTTP Request

GET https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&sInitiator=external&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

200
172.67.40.173:443

https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&cid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909

tls, http2

chrome.exe

3.2kB
6.2kB
20
21

HTTP Request

GET https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&cid=9655CB93-E9CA-4AF8-A1D5-5834E2E93909

HTTP Response

200
15.235.15.221:443

https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m

tls, http

chrome.exe

7.1kB
12.1kB
16
21

HTTP Request

GET https://pixel.onaudience.com/?partner=214&mapped=9655CB93-E9CA-4AF8-A1D5-5834E2E93909&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302

HTTP Request

GET https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m

HTTP Response

302
34.36.216.150:443

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http2

chrome.exe

3.1kB
6.2kB
19
20

HTTP Request

GET https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA
3.121.27.153:443

ps.eyeota.net

tls

chrome.exe

10.6kB
13.7kB
25
21
63.215.202.172:443

pubmatic-match.dotomi.com

tls

chrome.exe

4.4kB
7.5kB
15
20
46.228.164.13:443

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn5h51u&&referrer_pid=dn5h51u

tls, http2

chrome.exe

2.0kB
7.6kB
16
16

HTTP Request

GET https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjg0NTA1NDYvdC8w/url/https://ps.eyeota.net/match?bid=1mpjpn0&turn_id=$!{TURN_UUID}&newuser=1&dc_rc=2&dc_mr=5&dc_orig=dn5h51u&&referrer_pid=dn5h51u

HTTP Response

302
46.228.164.11:443

https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http2

chrome.exe

3.1kB
9.3kB
19
19

HTTP Request

GET https://ad.turn.com/r/cs?pid=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302
37.252.171.85:443

ib.adnxs.com

tls

chrome.exe

1.9kB
1.8kB
10
11
213.155.156.183:443

https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=$UID

tls, http2

chrome.exe

4.6kB
10.8kB
19
20

HTTP Request

GET https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=$UID

HTTP Response

302

HTTP Request

GET https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&piggybackCookie=$UID

HTTP Response

302
52.30.157.117:443

match.prod.bidr.io

tls

chrome.exe

17.9kB
21.4kB
29
27
82.145.213.8:443

t.adx.opera.com

tls

chrome.exe

2.0kB
5.3kB
16
17
35.214.244.54:443

https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http2

chrome.exe

3.0kB
4.4kB
13
12

HTTP Request

GET https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

504
35.186.193.173:443

https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]

tls, http2

chrome.exe

2.2kB
5.5kB
19
21

HTTP Request

GET https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
195.5.165.20:443

core.iprom.net

tls

chrome.exe

3.3kB
6.4kB
10
10
89.149.192.200:443

https://rtb-csync.smartadserver.com/redir?partneruserid=AAGz0E7MKDoAABXnInPt6g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http

chrome.exe

5.2kB
8.5kB
15
13

HTTP Request

GET https://rtb-csync.smartadserver.com/redir?partneruserid=AAGz0E7MKDoAABXnInPt6g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302
34.102.163.6:443

ad.mrtnsvr.com

tls

chrome.exe

747 B
212 B
5
5
34.102.163.6:443

ad.mrtnsvr.com

tls

chrome.exe

747 B
212 B
5
5
35.186.154.107:443

cm-supply-web.gammaplatform.com

chrome.exe

260 B
5
208.93.169.131:443

https://bh.contextweb.com/bh/rtset?ev=AAGz0E7MKDoAABXnInPt6g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26userid%3D2561523538200970354%26gdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http2

chrome.exe

5.7kB
12.6kB
20
19

HTTP Request

GET https://bh.contextweb.com/bh/rtset?ev=AAGz0E7MKDoAABXnInPt6g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26userid%3D2561523538200970354%26gdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302
64.227.64.62:443

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http

chrome.exe

3.5kB
9.0kB
15
16

HTTP Request

GET https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302
35.186.154.107:443

cm-supply-web.gammaplatform.com

chrome.exe

260 B
5
142.250.200.14:443

https://google.com/domainreliability/upload

tls, http2

chrome.exe

2.3kB
10.0kB
22
24

HTTP Request

POST https://google.com/domainreliability/upload
192.178.49.163:443

https://beacons.gcp.gvt2.com/domainreliability/upload

tls, http2

chrome.exe

8.1kB
8.0kB
30
31

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload

HTTP Request

POST https://beacons.gcp.gvt2.com/domainreliability/upload
35.190.80.1:443

a.nel.cloudflare.com

tls, http2

chrome.exe

943 B
4.0kB
8
7
35.190.80.1:443

https://a.nel.cloudflare.com/report/v4?s=TlWfxE%2BZckYQ9BWQsM4RBUK%2FYX9OgQiqD01YfZAHUVooVUFgK3Zxw09bLvirxWWqGQg2swhpgpp6sQ1VTOkP2CtozFq7UriTa3OXFMvtBPf0uudLjRnn2lgUwIndZdqJRLneblnF

tls, http2

chrome.exe

2.4kB
5.0kB
22
22

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=q35C9da2yg93fvNFVBtRf9xrnPqMVnK2a3KBy274KGRtRLagPTIy89pi60y4RGmI%2B%2FMn%2BxbMAgXPJkd%2F9Jneb5jkG8qMNy5e6DhJCfIuC26QMNrpbSW753QhH1pTtmTy

HTTP Request

OPTIONS https://a.nel.cloudflare.com/report/v4?s=TlWfxE%2BZckYQ9BWQsM4RBUK%2FYX9OgQiqD01YfZAHUVooVUFgK3Zxw09bLvirxWWqGQg2swhpgpp6sQ1VTOkP2CtozFq7UriTa3OXFMvtBPf0uudLjRnn2lgUwIndZdqJRLneblnF
54.217.19.5:443

cm.adgrx.com

tls

chrome.exe

4.5kB
9.6kB
19
19
46.228.174.117:443

sync.1rx.io

tls

chrome.exe

4.7kB
10.4kB
17
17
141.95.171.139:443

https://green.erne.co/pubmatic/cm?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http

chrome.exe

3.3kB
5.1kB
12
10

HTTP Request

GET https://green.erne.co/pubmatic/cm?gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302
162.55.120.196:443

matching.truffle.bid

tls

chrome.exe

1.9kB
4.0kB
11
12
46.228.164.11:443

https://ad.turn.com/r/cs?pid=45&rndcb=1029629747

tls, http2

chrome.exe

2.0kB
9.2kB
17
19

HTTP Request

GET https://ad.turn.com/r/cs?pid=45&rndcb=1029629747

HTTP Response

302
141.94.171.213:443

https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3c111862b263eec250ac64a5d416e542&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRSWXMnUYRWgUXRTa%26gdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

tls, http

chrome.exe

7.7kB
12.2kB
16
17

HTTP Request

GET https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D1%26gdpr_consent%3D%25_gdpr_consent

HTTP Response

302

HTTP Request

GET https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=3c111862b263eec250ac64a5d416e542&gdpr=1&gdpr_consent=CP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3Dtk2EoAPtRSWXMnUYRWgUXRTa%26gdpr%3D1%26gdpr_consent%3DCP8wAMAP8wAMAErAJJENAuEsAP_gAEPgACiQg1NX_H__bW9r8X73aft0eY1P99j77sQxBhfJE-4FzLvW_JwXx2ExNA36tqIKmRIEu3bBIQNlHJDUTVigaogVryDMakWcgTNKJ6BkiFMRO2dYCF5vmwtj-QKY5vp993dx2Det_dv83dzyz4VHn3a5_2e0WJCdA58tDfv9bROb-9IPd_58v4v0_F_rE2_eT1l_tevp7D8-ft87_XW-9_fff79LgAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAEQagCzDQqIA-yJCQg0DCKBACoKwgIoEAAAAJA0QEAJgwKdgYBLrCRACAFAAMEAIAAUZAAgAAEgAQiACQAoEAAEAgUAAIAAAgEADAwABgAsBAIAAQHQIUwIIFAsAEjMiIUwIAoEggJbKhBIAgQVwhCLPAggERMFAAACQAVgACAsFgMSSAlYkECXEG0AABAAgEEIFQik7MAQwJmy1V4om0ZWkBaIAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAIAAACAA.YAAAAAAAAAAA

HTTP Response

302
46.228.174.117:443

sync.targeting.unrulymedia.com

tls

chrome.exe

3.3kB
8.2kB
17
16
54.229.184.161:443

sync.crwdcntrl.net

tls

chrome.exe

4.6kB
9.1kB
18
18

8.8.8.8:53

krnl.vip

dns

chrome.exe

54 B
86 B
1
1

DNS Request

krnl.vip

DNS Response

104.21.46.75

172.67.136.103
104.21.46.75:443

krnl.vip

https

chrome.exe

48.6kB
3.0MB
362
2537
8.8.8.8:53

28.118.140.52.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

28.118.140.52.in-addr.arpa
8.8.8.8:53

74.204.58.216.in-addr.arpa

dns

72 B
171 B
1
1

DNS Request

74.204.58.216.in-addr.arpa
8.8.8.8:53

75.46.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

75.46.21.104.in-addr.arpa
8.8.8.8:53

172.210.232.199.in-addr.arpa

dns

146 B
262 B
2
2

DNS Request

172.210.232.199.in-addr.arpa

DNS Request

110.52.16.104.in-addr.arpa
8.8.8.8:53

fundingchoicesmessages.google.com

dns

chrome.exe

79 B
116 B
1
1

DNS Request

fundingchoicesmessages.google.com

DNS Response

172.217.16.238
8.8.8.8:53

googleads.g.doubleclick.net

dns

chrome.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.179.226
8.8.8.8:53

content-autofill.googleapis.com

dns

chrome.exe

77 B
285 B
1
1

DNS Request

content-autofill.googleapis.com

DNS Response

172.217.169.42

142.250.179.234

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

216.58.213.10

216.58.212.234
172.217.16.238:443

fundingchoicesmessages.google.com

https

chrome.exe

32.3kB
585.3kB
228
600
8.8.8.8:53

34.200.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

34.200.250.142.in-addr.arpa
8.8.8.8:53

238.16.217.172.in-addr.arpa

dns

73 B
142 B
1
1

DNS Request

238.16.217.172.in-addr.arpa
8.8.8.8:53

226.179.250.142.in-addr.arpa

dns

74 B
112 B
1
1

DNS Request

226.179.250.142.in-addr.arpa
8.8.8.8:53

42.169.217.172.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

42.169.217.172.in-addr.arpa
8.8.8.8:53

tpc.googlesyndication.com

dns

chrome.exe

71 B
87 B
1
1

DNS Request

tpc.googlesyndication.com

DNS Response

142.250.200.33
172.217.16.238:443

fundingchoicesmessages.google.com

https

chrome.exe

17.2kB
26.3kB
116
147
142.250.179.226:443

googleads.g.doubleclick.net

https

chrome.exe

134.7kB
1.3MB
428
1240
8.8.8.8:53

232.168.11.51.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

232.168.11.51.in-addr.arpa
8.8.8.8:53

10.178.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

10.178.250.142.in-addr.arpa
8.8.8.8:53

33.200.250.142.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

33.200.250.142.in-addr.arpa
8.8.8.8:53

3.180.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.180.250.142.in-addr.arpa
8.8.8.8:53

3.169.217.172.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

3.169.217.172.in-addr.arpa
8.8.8.8:53

cm.g.doubleclick.net

dns

chrome.exe

136 B
259 B
2
2

DNS Request

cm.g.doubleclick.net

DNS Response

216.58.213.2

DNS Request

agen-assets.ftstatic.com

DNS Response

18.154.63.76

18.154.63.95

18.154.63.119

18.154.63.120
8.8.8.8:53

dsum-sec.casalemedia.com

dns

chrome.exe

70 B
102 B
1
1

DNS Request

dsum-sec.casalemedia.com

DNS Response

104.18.36.155

172.64.151.101
8.8.8.8:53

ib.adnxs.com

dns

chrome.exe

58 B
231 B
1
1

DNS Request

ib.adnxs.com

DNS Response

37.252.171.85

37.252.171.52

37.252.173.215

37.252.171.53

37.252.171.149

37.252.172.123

37.252.171.21
142.250.200.33:443

tpc.googlesyndication.com

https

chrome.exe

14.5kB
427.9kB
150
418
8.8.8.8:53

servedby.flashtalking.com

dns

chrome.exe

71 B
174 B
1
1

DNS Request

servedby.flashtalking.com

DNS Response

104.68.68.28
216.58.213.2:443

cm.g.doubleclick.net

https

chrome.exe

50.9kB
68.2kB
281
328
104.18.36.155:443

dsum-sec.casalemedia.com

https

chrome.exe

10.4kB
10.5kB
21
24
8.8.8.8:53

ajs-assets.ftstatic.com

dns

chrome.exe

69 B
176 B
1
1

DNS Request

ajs-assets.ftstatic.com

DNS Response

18.173.233.72

18.173.233.19

18.173.233.87

18.173.233.4
8.8.8.8:53

155.36.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

155.36.18.104.in-addr.arpa
8.8.8.8:53

98.201.58.216.in-addr.arpa

dns

141 B
302 B
2
2

DNS Request

98.201.58.216.in-addr.arpa

DNS Request

github.githubassets.com

DNS Response

185.199.108.154

185.199.109.154

185.199.110.154

185.199.111.154
8.8.8.8:53

2.213.58.216.in-addr.arpa

dns

71 B
138 B
1
1

DNS Request

2.213.58.216.in-addr.arpa
8.8.8.8:53

85.171.252.37.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

85.171.252.37.in-addr.arpa
8.8.8.8:53

102.201.58.216.in-addr.arpa

dns

73 B
171 B
1
1

DNS Request

102.201.58.216.in-addr.arpa
8.8.8.8:53

28.68.68.104.in-addr.arpa

dns

137 B
233 B
2
2

DNS Request

28.68.68.104.in-addr.arpa

DNS Request

matching.truffle.bid

DNS Response

162.55.120.196

23.88.86.2
8.8.8.8:53

72.233.173.18.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

72.233.173.18.in-addr.arpa
8.8.8.8:53

www.google.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

www.google.com

DNS Response

142.250.178.4
8.8.8.8:53

8.169.217.172.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

8.169.217.172.in-addr.arpa
8.8.8.8:53

145.160.16.104.in-addr.arpa

dns

73 B
135 B
1
1

DNS Request

145.160.16.104.in-addr.arpa
8.8.8.8:53

76.63.154.18.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

76.63.154.18.in-addr.arpa
8.8.8.8:53

4.178.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

4.178.250.142.in-addr.arpa
8.8.8.8:53

238.179.250.142.in-addr.arpa

dns

74 B
113 B
1
1

DNS Request

238.179.250.142.in-addr.arpa
8.8.8.8:53

d9.flashtalking.com

dns

chrome.exe

65 B
140 B
1
1

DNS Request

d9.flashtalking.com

DNS Response

54.75.228.101

54.228.83.32
8.8.8.8:53

cdn.flashtalking.com

dns

chrome.exe

66 B
161 B
1
1

DNS Request

cdn.flashtalking.com

DNS Response

72.246.172.44
8.8.8.8:53

js.ad-score.com

dns

chrome.exe

61 B
168 B
1
1

DNS Request

js.ad-score.com

DNS Response

18.173.233.75

18.173.233.54

18.173.233.38

18.173.233.90
8.8.8.8:53

stat.flashtalking.com

dns

chrome.exe

67 B
163 B
1
1

DNS Request

stat.flashtalking.com

DNS Response

72.246.172.44
8.8.8.8:53

ad-events.flashtalking.com

dns

chrome.exe

72 B
227 B
1
1

DNS Request

ad-events.flashtalking.com

DNS Response

35.178.94.125

3.9.206.191
8.8.8.8:53

data.ad-score.com

dns

chrome.exe

63 B
79 B
1
1

DNS Request

data.ad-score.com

DNS Response

130.211.115.4
8.8.8.8:53

s0.2mdn.net

dns

chrome.exe

57 B
73 B
1
1

DNS Request

s0.2mdn.net

DNS Response

172.217.169.70
8.8.8.8:53

code.createjs.com

dns

chrome.exe

63 B
182 B
1
1

DNS Request

code.createjs.com

DNS Response

23.73.139.33

23.73.139.65
8.8.8.8:53

101.228.75.54.in-addr.arpa

dns

72 B
135 B
1
1

DNS Request

101.228.75.54.in-addr.arpa
8.8.8.8:53

44.172.246.72.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

44.172.246.72.in-addr.arpa
8.8.8.8:53

75.233.173.18.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

75.233.173.18.in-addr.arpa
8.8.8.8:53

70.169.217.172.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

70.169.217.172.in-addr.arpa
8.8.8.8:53

125.94.178.35.in-addr.arpa

dns

72 B
135 B
1
1

DNS Request

125.94.178.35.in-addr.arpa
8.8.8.8:53

4.115.211.130.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

4.115.211.130.in-addr.arpa
8.8.8.8:53

33.139.73.23.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

33.139.73.23.in-addr.arpa
8.8.8.8:53

secure.flashtalking.com

dns

chrome.exe

69 B
167 B
1
1

DNS Request

secure.flashtalking.com

DNS Response

72.246.172.44
224.0.0.251:5353

chrome.exe

204 B
3
8.8.8.8:53

www.mediafire.com

dns

chrome.exe

63 B
95 B
1
1

DNS Request

www.mediafire.com

DNS Response

104.16.114.74

104.16.113.74
8.8.8.8:53

74.114.16.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

74.114.16.104.in-addr.arpa
104.16.114.74:443

www.mediafire.com

https

chrome.exe

88.0kB
295.1kB
157
327
8.8.8.8:53

the.gatekeeperconsent.com

dns

chrome.exe

71 B
103 B
1
1

DNS Request

the.gatekeeperconsent.com

DNS Response

172.64.103.2

172.64.102.2
8.8.8.8:53

btloader.com

dns

chrome.exe

58 B
106 B
1
1

DNS Request

btloader.com

DNS Response

104.22.74.216

104.22.75.216

172.67.41.60
8.8.8.8:53

www.ezojs.com

dns

chrome.exe

59 B
137 B
1
1

DNS Request

www.ezojs.com

DNS Response

172.64.129.8

172.64.128.8
8.8.8.8:53

privacy.gatekeeperconsent.com

dns

chrome.exe

75 B
107 B
1
1

DNS Request

privacy.gatekeeperconsent.com

DNS Response

172.64.103.2

172.64.102.2
8.8.8.8:53

translate.google.com

dns

chrome.exe

66 B
103 B
1
1

DNS Request

translate.google.com

DNS Response

172.217.16.238
8.8.8.8:53

cdn.amplitude.com

dns

chrome.exe

63 B
127 B
1
1

DNS Request

cdn.amplitude.com

DNS Response

18.66.242.6

18.66.242.100

18.66.242.149

18.66.242.40
8.8.8.8:53

static.mediafire.com

dns

chrome.exe

66 B
98 B
1
1

DNS Request

static.mediafire.com

DNS Response

104.16.113.74

104.16.114.74
172.64.103.2:443

privacy.gatekeeperconsent.com

https

chrome.exe

5.3kB
48.8kB
30
48
172.64.103.2:443

privacy.gatekeeperconsent.com

https

chrome.exe

2.0kB
10.0kB
7
22
8.8.8.8:53

cdn.otnolatrnup.com

dns

chrome.exe

65 B
97 B
1
1

DNS Request

cdn.otnolatrnup.com

DNS Response

104.16.52.110

104.16.53.110
8.8.8.8:53

www.mediafiredls.com

dns

chrome.exe

66 B
114 B
1
1

DNS Request

www.mediafiredls.com

DNS Response

172.67.73.78

104.26.3.173

104.26.2.173
8.8.8.8:53

static.cloudflareinsights.com

dns

chrome.exe

75 B
107 B
1
1

DNS Request

static.cloudflareinsights.com

DNS Response

104.16.80.73

104.16.79.73
8.8.8.8:53

api.btloader.com

dns

chrome.exe

62 B
78 B
1
1

DNS Request

api.btloader.com

DNS Response

130.211.23.194
8.8.8.8:53

ad-delivery.net

dns

chrome.exe

61 B
109 B
1
1

DNS Request

ad-delivery.net

DNS Response

104.26.3.70

172.67.69.19

104.26.2.70
8.8.8.8:53

translate.googleapis.com

dns

chrome.exe

70 B
86 B
1
1

DNS Request

translate.googleapis.com

DNS Response

216.58.204.74
8.8.8.8:53

g.ezoic.net

dns

chrome.exe

57 B
105 B
1
1

DNS Request

g.ezoic.net

DNS Response

35.181.89.222

13.39.145.251

15.188.219.54
8.8.8.8:53

216.74.22.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

216.74.22.104.in-addr.arpa
8.8.8.8:53

2.103.64.172.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

2.103.64.172.in-addr.arpa
8.8.8.8:53

8.129.64.172.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

8.129.64.172.in-addr.arpa
8.8.8.8:53

6.242.66.18.in-addr.arpa

dns

70 B
125 B
1
1

DNS Request

6.242.66.18.in-addr.arpa
8.8.8.8:53

78.73.67.172.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

78.73.67.172.in-addr.arpa
8.8.8.8:53

7.4.157.108.in-addr.arpa

dns

70 B
125 B
1
1

DNS Request

7.4.157.108.in-addr.arpa
8.8.8.8:53

194.23.211.130.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

194.23.211.130.in-addr.arpa
8.8.8.8:53

70.3.26.104.in-addr.arpa

dns

70 B
132 B
1
1

DNS Request

70.3.26.104.in-addr.arpa
8.8.8.8:53

73.80.16.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

73.80.16.104.in-addr.arpa
8.8.8.8:53

go.ezodn.com

dns

chrome.exe

58 B
90 B
1
1

DNS Request

go.ezodn.com

DNS Response

172.64.136.15

172.64.137.15
8.8.8.8:53

securepubads.g.doubleclick.net

dns

chrome.exe

76 B
121 B
1
1

DNS Request

securepubads.g.doubleclick.net

DNS Response

172.217.16.226
172.217.169.42:443

content-autofill.googleapis.com

https

chrome.exe

4.4kB
8.6kB
17
23
8.8.8.8:53

stats.g.doubleclick.net

dns

chrome.exe

69 B
133 B
1
1

DNS Request

stats.g.doubleclick.net

DNS Response

64.233.166.157

64.233.166.155

64.233.166.154

64.233.166.156
8.8.8.8:53

api.amplitude.com

dns

chrome.exe

63 B
191 B
1
1

DNS Request

api.amplitude.com

DNS Response

52.43.234.188

52.41.216.34

54.149.201.207

52.40.192.103

35.82.189.55

52.39.50.194

52.43.96.19

44.238.108.251
172.64.103.2:443

privacy.gatekeeperconsent.com

https

chrome.exe

8.6kB
169.6kB
63
150
8.8.8.8:53

otnolatrnup.com

dns

chrome.exe

61 B
93 B
1
1

DNS Request

otnolatrnup.com

DNS Response

104.16.53.110

104.16.52.110
130.211.23.194:443

api.btloader.com

https

chrome.exe

3.2kB
6.0kB
16
17
8.8.8.8:53

translate-pa.googleapis.com

dns

chrome.exe

73 B
265 B
1
1

DNS Request

translate-pa.googleapis.com

DNS Response

172.217.169.74

142.250.179.234

142.250.180.10

142.250.187.202

142.250.187.234

142.250.178.10

172.217.16.234

142.250.200.10

142.250.200.42

216.58.201.106

216.58.204.74

172.217.169.10
8.8.8.8:53

prebid.media.net

dns

chrome.exe

62 B
78 B
1
1

DNS Request

prebid.media.net

DNS Response

34.120.63.153
8.8.8.8:53

apps.identrust.com

dns

chrome.exe

64 B
165 B
1
1

DNS Request

apps.identrust.com

DNS Response

23.63.101.171

23.63.101.170
8.8.8.8:53

hbopenbid.pubmatic.com

dns

chrome.exe

68 B
147 B
1
1

DNS Request

hbopenbid.pubmatic.com

DNS Response

185.64.190.77
8.8.8.8:53

btlr.sharethrough.com

dns

chrome.exe

67 B
227 B
1
1

DNS Request

btlr.sharethrough.com

DNS Response

35.158.241.145

3.125.238.57

52.58.156.106

18.159.169.71

3.124.19.254

3.78.8.221

18.185.214.238

3.70.59.245
8.8.8.8:53

tlx.3lift.com

dns

chrome.exe

59 B
128 B
1
1

DNS Request

tlx.3lift.com

DNS Response

3.78.168.176

18.157.230.4

3.124.64.248
142.250.178.4:443

www.google.com

https

chrome.exe

11.5kB
14.8kB
89
115
8.8.8.8:53

www.google.co.uk

dns

chrome.exe

62 B
78 B
1
1

DNS Request

www.google.co.uk

DNS Response

216.58.201.99
172.217.16.226:443

securepubads.g.doubleclick.net

https

chrome.exe

19.1kB
303.9kB
89
256
8.8.8.8:53

tags.crwdcntrl.net

dns

chrome.exe

64 B
128 B
1
1

DNS Request

tags.crwdcntrl.net

DNS Response

18.173.233.10

18.173.233.119

18.173.233.47

18.173.233.95
8.8.8.8:53

ad.crwdcntrl.net

dns

chrome.exe

62 B
190 B
1
1

DNS Request

ad.crwdcntrl.net

DNS Response

54.155.211.205

54.229.184.161

99.80.66.155

108.128.218.76

52.48.17.214

52.210.166.25

52.49.69.142

54.77.0.180
8.8.8.8:53

bcp.crwdcntrl.net

dns

chrome.exe

63 B
191 B
1
1

DNS Request

bcp.crwdcntrl.net

DNS Response

52.210.166.25

52.49.69.142

108.128.218.76

54.229.184.161

99.80.66.155

54.77.0.180

54.155.27.174

52.48.17.214
172.64.136.15:443

go.ezodn.com

https

chrome.exe

7.1kB
25.6kB
27
35
64.233.166.157:443

stats.g.doubleclick.net

https

chrome.exe

3.6kB
6.9kB
8
11
8.8.8.8:53

analytics.google.com

dns

chrome.exe

66 B
82 B
1
1

DNS Request

analytics.google.com

DNS Response

142.250.178.14
8.8.8.8:53

222.89.181.35.in-addr.arpa

dns

72 B
135 B
1
1

DNS Request

222.89.181.35.in-addr.arpa
8.8.8.8:53

15.136.64.172.in-addr.arpa

dns

144 B
268 B
2
2

DNS Request

15.136.64.172.in-addr.arpa

DNS Request

15.136.64.172.in-addr.arpa
8.8.8.8:53

226.16.217.172.in-addr.arpa

dns

146 B
280 B
2
2

DNS Request

226.16.217.172.in-addr.arpa

DNS Request

226.16.217.172.in-addr.arpa
8.8.8.8:53

157.166.233.64.in-addr.arpa

dns

146 B
214 B
2
2

DNS Request

157.166.233.64.in-addr.arpa

DNS Request

157.166.233.64.in-addr.arpa
8.8.8.8:53

188.234.43.52.in-addr.arpa

dns

144 B
270 B
2
2

DNS Request

188.234.43.52.in-addr.arpa

DNS Request

188.234.43.52.in-addr.arpa
8.8.8.8:53

153.63.120.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

153.63.120.34.in-addr.arpa
8.8.8.8:53

145.241.158.35.in-addr.arpa

dns

73 B
140 B
1
1

DNS Request

145.241.158.35.in-addr.arpa
8.8.8.8:53

77.190.64.185.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

77.190.64.185.in-addr.arpa
8.8.8.8:53

176.168.78.3.in-addr.arpa

dns

71 B
136 B
1
1

DNS Request

176.168.78.3.in-addr.arpa
8.8.8.8:53

99.201.58.216.in-addr.arpa

dns

72 B
169 B
1
1

DNS Request

99.201.58.216.in-addr.arpa
8.8.8.8:53

171.101.63.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

171.101.63.23.in-addr.arpa
8.8.8.8:53

25.166.210.52.in-addr.arpa

dns

72 B
135 B
1
1

DNS Request

25.166.210.52.in-addr.arpa
8.8.8.8:53

10.233.173.18.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

10.233.173.18.in-addr.arpa
8.8.8.8:53

205.211.155.54.in-addr.arpa

dns

73 B
137 B
1
1

DNS Request

205.211.155.54.in-addr.arpa
8.8.8.8:53

14.178.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.178.250.142.in-addr.arpa
8.8.8.8:53

ads.pubmatic.com

dns

chrome.exe

62 B
145 B
1
1

DNS Request

ads.pubmatic.com

DNS Response

23.53.112.234
8.8.8.8:53

eb2.3lift.com

dns

chrome.exe

59 B
112 B
1
1

DNS Request

eb2.3lift.com

DNS Response

76.223.111.18

13.248.245.213
8.8.8.8:53

contextual.media.net

dns

chrome.exe

66 B
82 B
1
1

DNS Request

contextual.media.net

DNS Response

72.246.172.22
8.8.8.8:53

image6.pubmatic.com

dns

chrome.exe

65 B
142 B
1
1

DNS Request

image6.pubmatic.com

DNS Response

198.47.127.19
8.8.8.8:53

18.111.223.76.in-addr.arpa

dns

72 B
128 B
1
1

DNS Request

18.111.223.76.in-addr.arpa
8.8.8.8:53

234.112.53.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

234.112.53.23.in-addr.arpa
8.8.8.8:53

22.172.246.72.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

22.172.246.72.in-addr.arpa
104.16.53.110:443

otnolatrnup.com

https

chrome.exe

15.0kB
27.6kB
33
38
8.8.8.8:53

19.127.47.198.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

19.127.47.198.in-addr.arpa
8.8.8.8:53

159.113.53.23.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

159.113.53.23.in-addr.arpa
8.8.8.8:53

79.121.231.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

79.121.231.20.in-addr.arpa
8.8.8.8:53

110.53.16.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

110.53.16.104.in-addr.arpa
34.120.63.153:443

prebid.media.net

https

chrome.exe

5.6kB
6.5kB
9
10
8.8.8.8:53

cdn.jsdelivr.net

dns

chrome.exe

62 B
160 B
1
1

DNS Request

cdn.jsdelivr.net

DNS Response

151.101.1.229

151.101.65.229

151.101.129.229

151.101.193.229
8.8.8.8:53

cdn.id5-sync.com

dns

chrome.exe

62 B
110 B
1
1

DNS Request

cdn.id5-sync.com

DNS Response

104.22.53.86

104.22.52.86

172.67.38.106
8.8.8.8:53

oa.openxcdn.net

dns

chrome.exe

61 B
77 B
1
1

DNS Request

oa.openxcdn.net

DNS Response

34.102.146.192
8.8.8.8:53

static.criteo.net

dns

chrome.exe

126 B
226 B
2
2

DNS Request

static.criteo.net

DNS Response

178.250.1.3

DNS Request

static.criteo.net

DNS Response

178.250.1.3
8.8.8.8:53

cdn.prod.uidapi.com

dns

chrome.exe

65 B
124 B
1
1

DNS Request

cdn.prod.uidapi.com

DNS Response

18.154.67.92
8.8.8.8:53

invstatic101.creativecdn.com

dns

chrome.exe

148 B
180 B
2
2

DNS Request

invstatic101.creativecdn.com

DNS Response

34.96.70.87

DNS Request

invstatic101.creativecdn.com

DNS Response

34.96.70.87
8.8.8.8:53

cdn-ima.33across.com

dns

chrome.exe

66 B
151 B
1
1

DNS Request

cdn-ima.33across.com

DNS Response

104.18.35.167

172.64.152.89
8.8.8.8:53

671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com

dns

chrome.exe

110 B
169 B
1
1

DNS Request

671610e7dda380567b3177c812f71b55.safeframe.googlesyndication.com

DNS Response

142.250.180.1
8.8.8.8:53

oajs.openx.net

dns

chrome.exe

60 B
92 B
1
1

DNS Request

oajs.openx.net

DNS Response

34.120.135.53

34.120.107.143
8.8.8.8:53

id5-sync.com

dns

chrome.exe

58 B
218 B
1
1

DNS Request

id5-sync.com

DNS Response

162.19.138.116

141.95.98.64

141.95.98.65

162.19.138.118

162.19.138.119

141.95.33.120

162.19.138.120

162.19.138.117

162.19.138.82

162.19.138.83
142.250.178.14:443

analytics.google.com

https

chrome.exe

5.3kB
8.1kB
14
19
34.120.135.53:443

oajs.openx.net

https

chrome.exe

2.2kB
4.2kB
7
8
172.217.169.70:443

s0.2mdn.net

https

chrome.exe

4.5kB
48.5kB
24
42
8.8.8.8:53

229.1.101.151.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

229.1.101.151.in-addr.arpa
8.8.8.8:53

167.35.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

167.35.18.104.in-addr.arpa
8.8.8.8:53

86.53.22.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

86.53.22.104.in-addr.arpa
8.8.8.8:53

87.70.96.34.in-addr.arpa

dns

140 B
240 B
2
2

DNS Request

87.70.96.34.in-addr.arpa

DNS Request

87.70.96.34.in-addr.arpa
8.8.8.8:53

192.146.102.34.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

192.146.102.34.in-addr.arpa
8.8.8.8:53

92.67.154.18.in-addr.arpa

dns

71 B
127 B
1
1

DNS Request

92.67.154.18.in-addr.arpa
8.8.8.8:53

3.1.250.178.in-addr.arpa

dns

70 B
124 B
1
1

DNS Request

3.1.250.178.in-addr.arpa
8.8.8.8:53

1.180.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

1.180.250.142.in-addr.arpa
8.8.8.8:53

226.20.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

226.20.18.104.in-addr.arpa
8.8.8.8:53

53.135.120.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

53.135.120.34.in-addr.arpa
8.8.8.8:53

116.138.19.162.in-addr.arpa

dns

73 B
114 B
1
1

DNS Request

116.138.19.162.in-addr.arpa
172.217.16.226:443

securepubads.g.doubleclick.net

https

chrome.exe

4.5kB
7.4kB
10
13
8.8.8.8:53

google-bidout-d.openx.net

dns

chrome.exe

71 B
103 B
1
1

DNS Request

google-bidout-d.openx.net

DNS Response

34.98.64.218

35.244.159.8
8.8.8.8:53

us-u.openx.net

dns

chrome.exe

60 B
92 B
1
1

DNS Request

us-u.openx.net

DNS Response

35.244.159.8

34.98.64.218
8.8.8.8:53

sync.teads.tv

dns

chrome.exe

59 B
148 B
1
1

DNS Request

sync.teads.tv

DNS Response

72.246.173.80
172.217.169.70:443

s0.2mdn.net

https

chrome.exe

9.3kB
388.4kB
88
325
8.8.8.8:53

googleads4.g.doubleclick.net

dns

chrome.exe

74 B
90 B
1
1

DNS Request

googleads4.g.doubleclick.net

DNS Response

142.250.200.2
8.8.8.8:53

gum.criteo.com

dns

chrome.exe

60 B
107 B
1
1

DNS Request

gum.criteo.com

DNS Response

178.250.1.11
8.8.8.8:53

download2389.mediafire.com

dns

chrome.exe

72 B
88 B
1
1

DNS Request

download2389.mediafire.com

DNS Response

199.91.155.130
8.8.8.8:53

218.64.98.34.in-addr.arpa

dns

71 B
122 B
1
1

DNS Request

218.64.98.34.in-addr.arpa
8.8.8.8:53

80.173.246.72.in-addr.arpa

dns

72 B
137 B
1
1

DNS Request

80.173.246.72.in-addr.arpa
8.8.8.8:53

2.200.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

2.200.250.142.in-addr.arpa
8.8.8.8:53

11.1.250.178.in-addr.arpa

dns

71 B
125 B
1
1

DNS Request

11.1.250.178.in-addr.arpa
142.250.200.2:443

googleads4.g.doubleclick.net

https

chrome.exe

7.5kB
7.2kB
12
13
8.8.8.8:53

130.155.91.199.in-addr.arpa

dns

146 B
146 B
2
2

DNS Request

130.155.91.199.in-addr.arpa

DNS Request

130.155.91.199.in-addr.arpa
8.8.8.8:53

woreppercomming.com

dns

chrome.exe

65 B
129 B
1
1

DNS Request

woreppercomming.com

DNS Response

18.173.233.49

18.173.233.112

18.173.233.82

18.173.233.68
8.8.8.8:53

www.ovardu.com

dns

chrome.exe

60 B
92 B
1
1

DNS Request

www.ovardu.com

DNS Response

172.67.174.4

104.21.96.72
8.8.8.8:53

dis.criteo.com

dns

chrome.exe

60 B
110 B
1
1

DNS Request

dis.criteo.com

DNS Response

178.250.1.9
8.8.8.8:53

aax-eu.amazon-adsystem.com

dns

chrome.exe

72 B
88 B
1
1

DNS Request

aax-eu.amazon-adsystem.com

DNS Response

67.220.226.233
8.8.8.8:53

sync.crwdcntrl.net

dns

chrome.exe

64 B
192 B
1
1

DNS Request

sync.crwdcntrl.net

DNS Response

54.77.0.180

108.128.218.76

52.49.69.142

54.155.211.205

52.210.166.25

52.48.17.214

54.229.184.161

99.80.66.155
8.8.8.8:53

simage2.pubmatic.com

dns

chrome.exe

66 B
139 B
1
1

DNS Request

simage2.pubmatic.com

DNS Response

185.64.191.210
8.8.8.8:53

4.174.67.172.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

4.174.67.172.in-addr.arpa
8.8.8.8:53

49.233.173.18.in-addr.arpa

dns

72 B
129 B
1
1

DNS Request

49.233.173.18.in-addr.arpa
8.8.8.8:53

9.1.250.178.in-addr.arpa

dns

70 B
124 B
1
1

DNS Request

9.1.250.178.in-addr.arpa
8.8.8.8:53

cr.frontend.weborama.fr

dns

chrome.exe

69 B
85 B
1
1

DNS Request

cr.frontend.weborama.fr

DNS Response

34.111.129.221
8.8.8.8:53

a.audrte.com

dns

chrome.exe

58 B
154 B
1
1

DNS Request

a.audrte.com

DNS Response

52.215.200.207

52.17.231.33

34.240.126.98

52.30.18.244

34.248.32.69

52.215.59.81
8.8.8.8:53

um.simpli.fi

dns

chrome.exe

58 B
106 B
1
1

DNS Request

um.simpli.fi

DNS Response

34.91.62.186

35.204.74.118

35.204.158.49
8.8.8.8:53

match.adsrvr.org

dns

chrome.exe

62 B
126 B
1
1

DNS Request

match.adsrvr.org

DNS Response

52.223.40.198

35.71.131.137

15.197.193.217

3.33.220.150
8.8.8.8:53

c1.adform.net

dns

chrome.exe

59 B
176 B
1
1

DNS Request

c1.adform.net

DNS Response

37.157.5.132

37.157.5.133

37.157.4.29

37.157.5.84

37.157.4.28
8.8.8.8:53

pr-bh.ybp.yahoo.com

dns

chrome.exe

65 B
173 B
1
1

DNS Request

pr-bh.ybp.yahoo.com

DNS Response

52.49.52.84

54.171.234.224

63.35.81.137

54.170.176.233
8.8.8.8:53

ups.analytics.yahoo.com

dns

chrome.exe

69 B
254 B
1
1

DNS Request

ups.analytics.yahoo.com

DNS Response

3.71.149.231

3.75.62.37
8.8.8.8:53

image2.pubmatic.com

dns

chrome.exe

65 B
137 B
1
1

DNS Request

image2.pubmatic.com

DNS Response

185.64.191.210
8.8.8.8:53

233.226.220.67.in-addr.arpa

dns

73 B
144 B
1
1

DNS Request

233.226.220.67.in-addr.arpa
8.8.8.8:53

210.191.64.185.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

210.191.64.185.in-addr.arpa
8.8.8.8:53

221.129.111.34.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

221.129.111.34.in-addr.arpa
8.8.8.8:53

207.200.215.52.in-addr.arpa

dns

73 B
137 B
1
1

DNS Request

207.200.215.52.in-addr.arpa
8.8.8.8:53

84.52.49.52.in-addr.arpa

dns

70 B
131 B
1
1

DNS Request

84.52.49.52.in-addr.arpa
8.8.8.8:53

198.40.223.52.in-addr.arpa

dns

72 B
128 B
1
1

DNS Request

198.40.223.52.in-addr.arpa
8.8.8.8:53

186.62.91.34.in-addr.arpa

dns

71 B
122 B
1
1

DNS Request

186.62.91.34.in-addr.arpa
8.8.8.8:53

132.5.157.37.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

132.5.157.37.in-addr.arpa
8.8.8.8:53

231.149.71.3.in-addr.arpa

dns

71 B
136 B
1
1

DNS Request

231.149.71.3.in-addr.arpa
34.111.129.221:443

cr.frontend.weborama.fr

https

chrome.exe

3.4kB
6.2kB
8
10
8.8.8.8:53

image4.pubmatic.com

dns

chrome.exe

65 B
143 B
1
1

DNS Request

image4.pubmatic.com

DNS Response

198.47.127.20
8.8.8.8:53

idsync.frontend.weborama.fr

dns

chrome.exe

73 B
89 B
1
1

DNS Request

idsync.frontend.weborama.fr

DNS Response

34.111.131.239
8.8.8.8:53

simage4.pubmatic.com

dns

chrome.exe

66 B
144 B
1
1

DNS Request

simage4.pubmatic.com

DNS Response

198.47.127.20
8.8.8.8:53

239.131.111.34.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

239.131.111.34.in-addr.arpa
8.8.8.8:53

20.127.47.198.in-addr.arpa

dns

72 B
126 B
1
1

DNS Request

20.127.47.198.in-addr.arpa
8.8.8.8:53

86.23.85.13.in-addr.arpa

dns

70 B
144 B
1
1

DNS Request

86.23.85.13.in-addr.arpa
8.8.8.8:53

56.126.166.20.in-addr.arpa

dns

72 B
158 B
1
1

DNS Request

56.126.166.20.in-addr.arpa
142.250.179.226:443

googleads.g.doubleclick.net

https

chrome.exe

2.9kB
6.5kB
5
8
8.8.8.8:53

ade.googlesyndication.com

dns

chrome.exe

71 B
87 B
1
1

DNS Request

ade.googlesyndication.com

DNS Response

142.250.200.34
8.8.8.8:53

cms.quantserve.com

dns

chrome.exe

64 B
238 B
1
1

DNS Request

cms.quantserve.com

DNS Response

91.228.74.244

91.228.74.206

91.228.74.208

91.228.74.200

91.228.74.251

91.228.74.159

91.228.74.166

91.228.74.168
8.8.8.8:53

pm.w55c.net

dns

chrome.exe

57 B
123 B
1
1

DNS Request

pm.w55c.net

DNS Response

3.248.140.44

52.16.176.188

52.18.90.0
8.8.8.8:53

x.bidswitch.net

dns

chrome.exe

61 B
104 B
1
1

DNS Request

x.bidswitch.net

DNS Response

35.214.149.91
8.8.8.8:53

sync.srv.stackadapt.com

dns

chrome.exe

69 B
197 B
1
1

DNS Request

sync.srv.stackadapt.com

DNS Response

54.172.158.143

54.159.174.96

54.145.153.101

54.164.17.132

54.145.45.250

54.197.158.229

54.158.42.6

54.144.230.52
8.8.8.8:53

a.rfihub.com

dns

chrome.exe

58 B
132 B
1
1

DNS Request

a.rfihub.com

DNS Response

193.0.160.130
8.8.8.8:53

sync-dmp.aura-dsp.com

dns

chrome.exe

67 B
122 B
1
1

DNS Request

sync-dmp.aura-dsp.com
8.8.8.8:53

gtrace.mediago.io

dns

chrome.exe

63 B
79 B
1
1

DNS Request

gtrace.mediago.io

DNS Response

35.214.168.80
8.8.8.8:53

creativecdn.com

dns

chrome.exe

61 B
77 B
1
1

DNS Request

creativecdn.com

DNS Response

185.184.8.90
35.214.168.80:443

gtrace.mediago.io

https

chrome.exe

1.3kB
1
8.8.8.8:53

dsp.adkernel.com

dns

chrome.exe

62 B
78 B
1
1

DNS Request

dsp.adkernel.com

DNS Response

174.137.133.49
8.8.8.8:53

91.149.214.35.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

91.149.214.35.in-addr.arpa
8.8.8.8:53

130.160.0.193.in-addr.arpa

dns

72 B
139 B
1
1

DNS Request

130.160.0.193.in-addr.arpa
8.8.8.8:53

44.140.248.3.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

44.140.248.3.in-addr.arpa
8.8.8.8:53

80.168.214.35.in-addr.arpa

dns

144 B
248 B
2
2

DNS Request

80.168.214.35.in-addr.arpa

DNS Request

80.168.214.35.in-addr.arpa
8.8.8.8:53

244.74.228.91.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

244.74.228.91.in-addr.arpa
8.8.8.8:53

143.158.172.54.in-addr.arpa

dns

73 B
129 B
1
1

DNS Request

143.158.172.54.in-addr.arpa
8.8.8.8:53

90.8.184.185.in-addr.arpa

dns

71 B
113 B
1
1

DNS Request

90.8.184.185.in-addr.arpa
8.8.8.8:53

49.133.137.174.in-addr.arpa

dns

73 B
130 B
1
1

DNS Request

49.133.137.174.in-addr.arpa
8.8.8.8:53

dclk-match.dotomi.com

dns

chrome.exe

67 B
143 B
1
1

DNS Request

dclk-match.dotomi.com

DNS Response

89.207.16.140
8.8.8.8:53

tr.blismedia.com

dns

chrome.exe

62 B
78 B
1
1

DNS Request

tr.blismedia.com

DNS Response

34.96.105.8
8.8.8.8:53

onetag-sys.com

dns

chrome.exe

60 B
156 B
1
1

DNS Request

onetag-sys.com

DNS Response

51.89.9.252

51.89.9.254

51.38.120.206

51.89.9.253

51.89.9.251

51.75.86.98
8.8.8.8:53

8.105.96.34.in-addr.arpa

dns

70 B
120 B
1
1

DNS Request

8.105.96.34.in-addr.arpa
8.8.8.8:53

140.16.207.89.in-addr.arpa

dns

72 B
115 B
1
1

DNS Request

140.16.207.89.in-addr.arpa
8.8.8.8:53

252.9.89.51.in-addr.arpa

dns

70 B
103 B
1
1

DNS Request

252.9.89.51.in-addr.arpa
8.8.8.8:53

ad.turn.com

dns

chrome.exe

57 B
109 B
1
1

DNS Request

ad.turn.com

DNS Response

46.228.164.11
34.96.105.8:443

tr.blismedia.com

https

chrome.exe

2.7kB
6.1kB
10
12
8.8.8.8:53

a.tribalfusion.com

dns

chrome.exe

64 B
96 B
1
1

DNS Request

a.tribalfusion.com

DNS Response

104.18.25.173

104.18.24.173
51.89.9.252:443

onetag-sys.com

https

chrome.exe

6.4kB
5
8.8.8.8:53

b1sync.zemanta.com

dns

chrome.exe

64 B
164 B
1
1

DNS Request

b1sync.zemanta.com

DNS Response

50.31.142.255
8.8.8.8:53

r.turn.com

dns

chrome.exe

56 B
107 B
1
1

DNS Request

r.turn.com

DNS Response

46.228.164.11
8.8.8.8:53

s.tribalfusion.com

dns

chrome.exe

64 B
96 B
1
1

DNS Request

s.tribalfusion.com

DNS Response

104.18.24.173

104.18.25.173
8.8.8.8:53

11.164.228.46.in-addr.arpa

dns

72 B
112 B
1
1

DNS Request

11.164.228.46.in-addr.arpa
8.8.8.8:53

173.25.18.104.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

173.25.18.104.in-addr.arpa
8.8.8.8:53

255.142.31.50.in-addr.arpa

dns

72 B
102 B
1
1

DNS Request

255.142.31.50.in-addr.arpa
8.8.8.8:53

k-storage.com

dns

chrome.exe

59 B
91 B
1
1

DNS Request

k-storage.com

DNS Response

104.21.49.80

172.67.160.107
104.21.49.80:443

k-storage.com

https

chrome.exe

12.5kB
78.4kB
61
88
8.8.8.8:53

80.49.21.104.in-addr.arpa

dns

71 B
133 B
1
1

DNS Request

80.49.21.104.in-addr.arpa
104.18.25.173:443

s.tribalfusion.com

https

chrome.exe

21.4kB
19.3kB
47
48
8.8.8.8:53

sync-dmp.aura-dsp.com

dns

chrome.exe

67 B
122 B
1
1

DNS Request

sync-dmp.aura-dsp.com
8.8.8.8:53

sonata-notifications.taptapnetworks.com

dns

chrome.exe

85 B
117 B
1
1

DNS Request

sonata-notifications.taptapnetworks.com

DNS Response

18.158.116.115

35.156.202.1
8.8.8.8:53

dsp.adfarm1.adition.com

dns

chrome.exe

69 B
101 B
1
1

DNS Request

dsp.adfarm1.adition.com

DNS Response

85.114.159.118

85.114.159.93
8.8.8.8:53

p.rfihub.com

dns

chrome.exe

58 B
148 B
1
1

DNS Request

p.rfihub.com

DNS Response

193.0.160.130
8.8.8.8:53

sync-tm.everesttech.net

dns

chrome.exe

69 B
223 B
1
1

DNS Request

sync-tm.everesttech.net

DNS Response

151.101.2.49

151.101.66.49

151.101.130.49

151.101.194.49
8.8.8.8:53

mwzeom.zeotap.com

dns

chrome.exe

63 B
111 B
1
1

DNS Request

mwzeom.zeotap.com

DNS Response

172.67.40.173

104.22.50.98

104.22.51.98
8.8.8.8:53

uipglob.semasio.net

dns

chrome.exe

65 B
152 B
1
1

DNS Request

uipglob.semasio.net

DNS Response

77.243.51.121

77.243.51.122
8.8.8.8:53

pixel.onaudience.com

dns

chrome.exe

66 B
226 B
1
1

DNS Request

pixel.onaudience.com

DNS Response

15.235.15.221

141.94.171.213

141.94.171.212

141.94.171.216

141.94.170.77

51.222.80.231

141.94.170.64

141.94.171.214

141.94.171.215

146.59.148.16
8.8.8.8:53

118.159.114.85.in-addr.arpa

dns

73 B
110 B
1
1

DNS Request

118.159.114.85.in-addr.arpa
8.8.8.8:53

115.116.158.18.in-addr.arpa

dns

73 B
140 B
1
1

DNS Request

115.116.158.18.in-addr.arpa
8.8.8.8:53

49.2.101.151.in-addr.arpa

dns

71 B
131 B
1
1

DNS Request

49.2.101.151.in-addr.arpa
8.8.8.8:53

173.40.67.172.in-addr.arpa

dns

72 B
134 B
1
1

DNS Request

173.40.67.172.in-addr.arpa
8.8.8.8:53

121.51.243.77.in-addr.arpa

dns

72 B
132 B
1
1

DNS Request

121.51.243.77.in-addr.arpa
8.8.8.8:53

pixel-sync.sitescout.com

dns

chrome.exe

70 B
86 B
1
1

DNS Request

pixel-sync.sitescout.com

DNS Response

34.36.216.150
34.36.216.150:443

pixel-sync.sitescout.com

https

chrome.exe

3.4kB
5.7kB
8
10
8.8.8.8:53

ps.eyeota.net

dns

chrome.exe

59 B
75 B
1
1

DNS Request

ps.eyeota.net

DNS Response

3.121.27.153
8.8.8.8:53

pubmatic-match.dotomi.com

dns

chrome.exe

71 B
147 B
1
1

DNS Request

pubmatic-match.dotomi.com

DNS Response

63.215.202.172
8.8.8.8:53

d.turn.com

dns

chrome.exe

56 B
107 B
1
1

DNS Request

d.turn.com

DNS Response

46.228.164.13
8.8.8.8:53

221.15.235.15.in-addr.arpa

dns

72 B
109 B
1
1

DNS Request

221.15.235.15.in-addr.arpa
8.8.8.8:53

150.216.36.34.in-addr.arpa

dns

72 B
124 B
1
1

DNS Request

150.216.36.34.in-addr.arpa
8.8.8.8:53

172.202.215.63.in-addr.arpa

dns

73 B
116 B
1
1

DNS Request

172.202.215.63.in-addr.arpa
8.8.8.8:53

153.27.121.3.in-addr.arpa

dns

71 B
136 B
1
1

DNS Request

153.27.121.3.in-addr.arpa
8.8.8.8:53

13.164.228.46.in-addr.arpa

dns

72 B
101 B
1
1

DNS Request

13.164.228.46.in-addr.arpa
8.8.8.8:53

d5p.de17a.com

dns

chrome.exe

59 B
251 B
1
1

DNS Request

d5p.de17a.com

DNS Response

213.155.156.183

213.155.156.182

213.155.156.181

213.155.156.164

213.155.156.167

213.155.156.166

213.155.156.168

213.155.156.169

213.155.156.180

213.155.156.165

213.155.156.185

213.155.156.184
8.8.8.8:53

match.prod.bidr.io

dns

chrome.exe

64 B
192 B
1
1

DNS Request

match.prod.bidr.io

DNS Response

52.30.157.117

52.209.243.124

52.18.157.212

52.19.105.29

52.214.83.111

34.255.58.76

34.249.226.75

52.48.73.249
8.8.8.8:53

t.adx.opera.com

dns

chrome.exe

61 B
104 B
1
1

DNS Request

t.adx.opera.com

DNS Response

82.145.213.8
8.8.8.8:53

csync.loopme.me

dns

chrome.exe

61 B
307 B
1
1

DNS Request

csync.loopme.me

DNS Response

35.214.244.54

35.214.144.9

35.214.232.155

35.214.238.211

35.214.200.205

35.214.229.219

35.214.253.238

35.214.174.160

35.214.221.233

35.214.208.206

35.214.129.22

35.214.190.26
8.8.8.8:53

ipac.ctnsnet.com

dns

chrome.exe

62 B
78 B
1
1

DNS Request

ipac.ctnsnet.com

DNS Response

35.186.193.173
8.8.8.8:53

core.iprom.net

dns

chrome.exe

60 B
76 B
1
1

DNS Request

core.iprom.net

DNS Response

195.5.165.20
8.8.8.8:53

rtb-csync.smartadserver.com

dns

chrome.exe

73 B
318 B
1
1

DNS Request

rtb-csync.smartadserver.com

DNS Response

89.149.192.200

81.17.55.106

81.17.55.173

81.17.55.116

81.17.55.117

89.149.192.201

81.17.55.172

89.149.192.73

81.17.55.97

89.149.192.74
8.8.8.8:53

ad.mrtnsvr.com

dns

chrome.exe

60 B
76 B
1
1

DNS Request

ad.mrtnsvr.com

DNS Response

34.102.163.6
8.8.8.8:53

cm-supply-web.gammaplatform.com

dns

chrome.exe

77 B
93 B
1
1

DNS Request

cm-supply-web.gammaplatform.com

DNS Response

35.186.154.107
8.8.8.8:53

bh.contextweb.com

dns

chrome.exe

63 B
129 B
1
1

DNS Request

bh.contextweb.com

DNS Response

208.93.169.131
8.8.8.8:53

match.adsby.bidtheatre.com

dns

chrome.exe

72 B
120 B
1
1

DNS Request

match.adsby.bidtheatre.com

DNS Response

64.227.64.62

188.166.17.21

134.122.57.34
8.8.8.8:53

117.157.30.52.in-addr.arpa

dns

72 B
135 B
1
1

DNS Request

117.157.30.52.in-addr.arpa
8.8.8.8:53

sync-dmp.aura-dsp.com

dns

chrome.exe

67 B
122 B
1
1

DNS Request

sync-dmp.aura-dsp.com
8.8.8.8:53

8.213.145.82.in-addr.arpa

dns

71 B
132 B
1
1

DNS Request

8.213.145.82.in-addr.arpa
8.8.8.8:53

54.244.214.35.in-addr.arpa

dns

144 B
248 B
2
2

DNS Request

54.244.214.35.in-addr.arpa

DNS Request

54.244.214.35.in-addr.arpa
8.8.8.8:53

173.193.186.35.in-addr.arpa

dns

73 B
126 B
1
1

DNS Request

173.193.186.35.in-addr.arpa
8.8.8.8:53

20.165.5.195.in-addr.arpa

dns

71 B
123 B
1
1

DNS Request

20.165.5.195.in-addr.arpa
8.8.8.8:53

200.192.149.89.in-addr.arpa

dns

73 B
136 B
1
1

DNS Request

200.192.149.89.in-addr.arpa
8.8.8.8:53

6.163.102.34.in-addr.arpa

dns

71 B
122 B
1
1

DNS Request

6.163.102.34.in-addr.arpa
8.8.8.8:53

131.169.93.208.in-addr.arpa

dns

73 B
138 B
1
1

DNS Request

131.169.93.208.in-addr.arpa
8.8.8.8:53

183.156.155.213.in-addr.arpa

dns

74 B
136 B
1
1

DNS Request

183.156.155.213.in-addr.arpa
8.8.8.8:53

249.197.17.2.in-addr.arpa

dns

71 B
135 B
1
1

DNS Request

249.197.17.2.in-addr.arpa
8.8.8.8:53

62.64.227.64.in-addr.arpa

dns

71 B
138 B
1
1

DNS Request

62.64.227.64.in-addr.arpa
8.8.8.8:53

google.com

dns

chrome.exe

56 B
72 B
1
1

DNS Request

google.com

DNS Response

142.250.200.14
8.8.8.8:53

beacons.gcp.gvt2.com

dns

chrome.exe

66 B
112 B
1
1

DNS Request

beacons.gcp.gvt2.com

DNS Response

192.178.49.163
8.8.8.8:53

14.200.250.142.in-addr.arpa

dns

73 B
112 B
1
1

DNS Request

14.200.250.142.in-addr.arpa
8.8.8.8:53

163.49.178.192.in-addr.arpa

dns

73 B
111 B
1
1

DNS Request

163.49.178.192.in-addr.arpa
8.8.8.8:53

a.nel.cloudflare.com

dns

chrome.exe

66 B
82 B
1
1

DNS Request

a.nel.cloudflare.com

DNS Response

35.190.80.1
35.190.80.1:443

a.nel.cloudflare.com

https

chrome.exe

5.8kB
4.2kB
11
11
8.8.8.8:53

googleads.g.doubleclick.net

dns

chrome.exe

73 B
89 B
1
1

DNS Request

googleads.g.doubleclick.net

DNS Response

142.250.180.2
142.250.180.2:443

googleads.g.doubleclick.net

https

chrome.exe

1.7kB
2.5kB
6
5
8.8.8.8:53

1.80.190.35.in-addr.arpa

dns

70 B
120 B
1
1

DNS Request

1.80.190.35.in-addr.arpa
8.8.8.8:53

2.180.250.142.in-addr.arpa

dns

72 B
110 B
1
1

DNS Request

2.180.250.142.in-addr.arpa
192.178.49.163:443

beacons.gcp.gvt2.com

https

chrome.exe

4.7kB
9.0kB
20
18
8.8.8.8:53

sync-dmp.aura-dsp.com

dns

chrome.exe

67 B
122 B
1
1

DNS Request

sync-dmp.aura-dsp.com
8.8.8.8:53

sync-dmp.aura-dsp.com

dns

chrome.exe

67 B
122 B
1
1

DNS Request

sync-dmp.aura-dsp.com
8.8.8.8:53

cm.adgrx.com

dns

chrome.exe

58 B
135 B
1
1

DNS Request

cm.adgrx.com

DNS Response

54.217.19.5
8.8.8.8:53

sync.1rx.io

dns

chrome.exe

57 B
73 B
1
1

DNS Request

sync.1rx.io

DNS Response

46.228.174.117
8.8.8.8:53

green.erne.co

dns

chrome.exe

59 B
235 B
1
1

DNS Request

green.erne.co

DNS Response

141.95.171.139

141.95.172.216

141.94.242.226

141.95.171.141

141.95.171.142

141.94.242.204

141.94.161.190

141.94.240.143

141.95.171.140

141.94.161.158

141.94.242.206
8.8.8.8:53

5.19.217.54.in-addr.arpa

dns

70 B
131 B
1
1

DNS Request

5.19.217.54.in-addr.arpa
8.8.8.8:53

117.174.228.46.in-addr.arpa

dns

73 B
133 B
1
1

DNS Request

117.174.228.46.in-addr.arpa
8.8.8.8:53

pixel-eu.onaudience.com

dns

chrome.exe

69 B
197 B
1
1

DNS Request

pixel-eu.onaudience.com

DNS Response

141.94.171.213

141.94.170.64

146.59.148.16

141.94.171.216

141.94.171.212

141.94.171.214

141.94.171.215

141.94.170.77
8.8.8.8:53

sync.targeting.unrulymedia.com

dns

chrome.exe

76 B
117 B
1
1

DNS Request

sync.targeting.unrulymedia.com

DNS Response

46.228.174.117
8.8.8.8:53

sync.crwdcntrl.net

dns

chrome.exe

64 B
192 B
1
1

DNS Request

sync.crwdcntrl.net

DNS Response

54.229.184.161

52.210.166.25

108.128.218.76

99.80.66.155

52.48.17.214

52.49.69.142

54.155.211.205

54.77.0.180
8.8.8.8:53

139.171.95.141.in-addr.arpa

dns

73 B
105 B
1
1

DNS Request

139.171.95.141.in-addr.arpa

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

T1012

System Information Discovery

T1082

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Replay Monitor

Loading Replay Monitor...

Downloads

C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Crashpad\settings.dat

Filesize
40B

MD5
99cc49358cfa3628888247c84b312722

SHA1
72df90d4341e204b5d695a65f8f0575d75d6d342

SHA256
570055b300595d9bee19cd486aec73f2e432043cc1a510b5075bc55da6b32757

SHA512
1b3f0129c396f2e582b6e1316e622f9faf71776e5878c95e71a961e4851f9aa90b651f0e3c3d406602c79f377776df5c8353578f44673359088ba16998fd614d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000004

Filesize
50KB

MD5
548d4397e78e85fc4b1c67a8a9ddfda3

SHA1
2d1661c737b711dda16f5e78a4f81a459ac7c5de

SHA256
449ae9c5d5b6b3a7e2a88c57e54ed3820c5f70900b6e279fc274943abde4ccd5

SHA512
f0cf58395a1671b9f8f4fe33c57b70381ac821d9eb72aa6301709231550776d20e68437aa410c9800d3b9e59b908375f1960e21b1fda90afd3c63c0605c53566

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000006

Filesize
137KB

MD5
d5cfb1204d7ce5a6976f9f8c8e3a4400

SHA1
c7512930ba6260c81cc264d8d7003ed24411357b

SHA256
262fb42edeb5893e1486f1512f742c64db91551136989b0443ef9f46bafcf92e

SHA512
1ba7f334f9782a3de15807466a9b5ed63c7eada55c0d8515e88a8330c842a2b60beb43afcd1fef4ec9d087cb656336c6331229e8d41990eb188ca728df7fceeb

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000009

Filesize
31KB

MD5
7831ef93b979e561db4d4de0d65431e1

SHA1
028f59db7fb175538a8b66bf7fe5f38ec0228f78

SHA256
50fddd86738d08c2b1bc153f4a440f246046b9b1bc82d9cd49674b3d463803d6

SHA512
af884e74f6d20525c431f264a40ce95697c69e0d2c0b183f52da9b73f064c713140d55293e09318c6bf2a2b04e31660ba64b7b6b943db6d623637175a0e11d19

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000010

Filesize
19KB

MD5
b60fef268ebbaf639fb5bff1f300b275

SHA1
ee38092bb8705836f6bbf577c50a1e905756a3a0

SHA256
547f01b725717cf71f431159443b6689f66975da142fb1e4f23c8728331924d2

SHA512
7d4f43db846639597e36ef611981c9766daaf6020bd08fada8e907cad0df7019764f3f274f40774e65309da8b005c36c21422f28976628dcee780405e7e3cf90

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000011

Filesize
71KB

MD5
4af0d714c44aad418ff915508cf1872f

SHA1
db4c3ecc56b9ccae91d77ca06f8fa8ba0f7cfae3

SHA256
3361949d4e5aafc0ff9006481741008399cc02ccbf3665cfe11930292c536355

SHA512
12299e1e35e1decfb4548fa668e9b90d68221fb1202db5fc682d2044dc1d9066651490aea90004d3e94ec40d400a5eae84aade06d0ba64b36bd7ae13b51858a4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000012

Filesize
67KB

MD5
e0227b9f6da754f85019943ab37676e7

SHA1
60ece67cf54a510fff6c6d7a5e5be94570be1d9e

SHA256
5003d1a18c0d5df01c68291fd2e3a177235ac471edf6b8d434b05cfda2480411

SHA512
f3d3263a7b92ad9d557a5fdde9db86961422c3dbd98bb3b510eaeb0b6f3826229fe98d705624950e79636d9e52cc005673e489dcfe472afa5ffa0491a6ab5420

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000013

Filesize
85KB

MD5
586aa5f93003b065880a71b0376affd0

SHA1
f38602febb6130b5bce8cbe98e3fb9e96c9ca859

SHA256
00008d37a4c654d5ffd37b006b16099114182829adc6e0a9a69c82d75006772a

SHA512
cd5c42dbf6ed44cfa6a4b5504340a516c1eb64e9737f3369059a2090c95ed98c55ee921ba263aaeab9932a0ae183be58be593bbd35f46fdcfce55e93bf42a41d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00001d

Filesize
20KB

MD5
87e8230a9ca3f0c5ccfa56f70276e2f2

SHA1
eb116c8fd20cb2f85b7a942c7dae3b0ed6d27fe7

SHA256
e18d7214e7d3d47d913c0436f5308b9296ca3c6cd34059bf9cbf03126bafafe9

SHA512
37690a81a9e48b157298080746aa94289a4c721c762b826329e70b41ba475bb0261d048f9ab8e7301e43305c5ebf53246c20da8cd001130bf156e8b3bd38b9b8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000026

Filesize
72KB

MD5
47f8e503b36983d33b24d9f13ea01900

SHA1
3e871fc02c62e2c7e00c1d6fbdd45d82967595eb

SHA256
d8122145edd4f6055d63655631eeefcd28ef64ccc45b7d0f626a72e0194e7d19

SHA512
e776370d96b2418b7d4f1ad8341f230cb9e39618b47daf8b2e5dd2ecdf47ad21ca5164a73bc971ffa7e4b5ff38305f4903ec5f8389288eb7ee6c540a14af2241

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00002e

Filesize
64KB

MD5
e0d823d82af46b76903d70d9e0db0fac

SHA1
8ca05aa26a10bc15ccf64abcc3a7d56446bc2563

SHA256
e3cc8c80cf5a8726a413e1e2e42e285ea4f8c37ba3a90f3f65b35e428bd74fe3

SHA512
52c94d4e42d86ccb2cb3a739abb914d9ff6be023ebfd9606e4e0b78fb2a10295b272e88cc580a8dc1ab083ebfb81acf6ccbc1aa571ba885129f847107cf17ae2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_000049

Filesize
810KB

MD5
9c3e3350b99ba3e2b690f72a749bacf3

SHA1
f1371423aa3ffb08c25baebdea0476c6b669f2e4

SHA256
fb1cdea371b0f827447274b4730dbd3deedb9ab116186a2ecdbf4500631175a2

SHA512
0d96a021a10265f40c3f1804b9f0c421076d45ae8dbbe560ae95f288d047ecb11dcbda12156f3907e0185520746b3fbfa474baa3d92f85ab10e9fe6e4907e71c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004e

Filesize
17KB

MD5
d26cd223172bc9939d92ecac8540f8d9

SHA1
517ea70c7c3c698ff340751fef6d49478c4439ae

SHA256
30b5f6049d22463667ba7682b6a1bac79de4f685188e8b96d088d2110c6bbe44

SHA512
3553931a954afa2c8abccd306b5b1f8cd46fcb6ae56d7e020ef37a9e9d92b502713a9e26f9cd36ce42cf33b54f44fa27f7fca5616df021f4f0dd3d98b8ce669d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Cache\Cache_Data\f_00004f

Filesize
55KB

MD5
4c210bd4985f4d9f7c2c08dbf850013b

SHA1
dd847fef8297ea1959aaecae8cbac68df34d4992

SHA256
a3688c516f939c25c86833f13bed8f9f465f19f655016d31d59f79c76b8d101b

SHA512
fd96dcd47b5907009126d3921598b5a88448e12bb7ed60f3698d513f9fd9b3d42ebb4d3f785592881bb4917e0626ac3604fc008fa55024700a3492b83a0b99b9

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\09b5312cb7db118b_0

Filesize
369KB

MD5
35740cc0fd2c95d4b7e24de51dcc6939

SHA1
1470effe5e7229ef847f205023432ff3175feba9

SHA256
814b98db9a5f27c0ef822a8ca6e44839048e2347c1d5db06c16921f084ff6cef

SHA512
1e72ea6035eb82276878b30068707290fbf8e63d25bfa1414b91af1f47788e19ef45931660bd57e482df02d05c205885ad7bb045678ebc788cd275c190df5800

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\144c16792a809f89_0

Filesize
170KB

MD5
192f486eb71f2c2aed1748b3b0eb6faf

SHA1
9b0fcba9023378a9afb265896bd3f4d5089a9d94

SHA256
e8bd5333bc617cc3a9c5685c417d8125987a68cd2fa438bd42f4599d0019ae17

SHA512
9a727896dacbb2dfdd97e26c49d3d5415628b3f771bad53ec990e77d24aeba1bfff2e4dd5501e2f5d9195822b93c70255e4a3211d2f97b2f2a28859c4f9bbb01

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\2bed38aac0a96982_0

Filesize
554KB

MD5
5be4812acc05407ae4dc63f46fa75caa

SHA1
f996d6b00dcab0ff6e666856952571860f903425

SHA256
06e502cf4b7955ae0b2c6e621e18fdcc68fee965523829b07d4124aa65d439ee

SHA512
019d9f4caccbb8eded3557468887ce8f61bc11da757742caa6335b5639324b8066253c12bec61583ca973b25fb07a9152faf25d93a530b3ed56737c0383cb2b0

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3244ebccd0ff0a27_0

Filesize
321B

MD5
495d7e3f5086cd093bda70e6e8178594

SHA1
6363211ae9162219a3c295417f49d05aaad1c86b

SHA256
4ae103ea6c8c325d34db8d9ddb9eede097d4458d5cc9f49e74492724a0e0551c

SHA512
62f927f6c75f8140f9426f9e7193f1e43da0fc598aedbdd67e477b0b6c160455d44ac0a8b13bd41c20b3c1136bcc40f35828486e9aeae4844f56a00fc8d0f2aa

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3480a8079c8f9699_0

Filesize
92KB

MD5
2a904b886f6a80047a4a59f4105d6b2b

SHA1
12ba7a9501aaa2d813893271a34562aec793b788

SHA256
b4b2f6a959d3b870429d43093ca78564fe7cf090ac2f60208871ced34040fb76

SHA512
2f92513a5fe50754568070cff2cf488f4b905943b1804ca2e02f8436da12c7e4a13c5bf13127a1dba4e61193c9aa82190d3ecbd02c6b051b7c38b49cfa4cb5c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3593b7c4cd7867bc_0

Filesize
261B

MD5
c08aa94ecd124069dc6080b8d00ea424

SHA1
cd44eaa3f51adbb8d12f6f4147056ef094aefebe

SHA256
e4d79d3f23fb5c9cebb830be340d52e7fcec422387f59b723010472788f143bb

SHA512
c80740e713229fcd715813912b033f267a25fdbe6c712a44013ef8de043926cc3dfcf25f13ada0b1c9ff378e58da9479aed3a92e86fd58669b7a4855baea760f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\3d24f8e5b760d1d0_0

Filesize
3KB

MD5
7dc4d04ef667001806ee51c76af746c7

SHA1
9d3ce6f6e4a902b79ccd3781434dfdbcbd98848f

SHA256
ec14ffafebbe6366e6d74842cd58aa89602db7aa0c15bc49a41315c21f565f93

SHA512
a733a789b599a4c7ae0aac3de208ecf0c7a87ded2f128098ece00d4f2968d8806bad431b51ae6871de768d68cbca0c527eb3f4479f2c6ddb89f30e69a0db4287

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\46f6d8ed110a2ece_0

Filesize
14KB

MD5
b459ba81ec7db6cdb2001abdd3c1a322

SHA1
19a1d7f4ab38c590474fcf25267519c479b055ad

SHA256
56c08766cf87de19dac51fcfe40ea03d49d86580903a1364e3d9687dc6f7c559

SHA512
bcf385641a903d3bf4b8df280bb25b49ce7664692e7a36b47b4ce7795685dd03c457c4f9792006b9f76e86cfc671c0cafdedf28a8f59263aae6da094e0001e2f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\53fb55e4dcd2cd85_0

Filesize
306B

MD5
44fbe8f3eba6b241d3960d745bd15c93

SHA1
bbcdba8cd09ecee20e38dedf17c2e030e4d5819f

SHA256
6f160bcf3dbbb2dab9f36fba05689dbb0ebd19e014f893331060521bea560516

SHA512
89357bcc2ee52997ec7beb5fc8dd70ca127f3d4a5bb85d199ed79abea12a46befa5cbeb633f754af2a6fc70976a8e56cd2fd9836fcfe5ffc600a33e68b4912ca

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\58710a2ecb8dd25c_0

Filesize
265B

MD5
cae9c54b15e9b86347c1cdc5e18b3bb4

SHA1
ad47941974bbb2257c5ed9e791e679b00fff1dc8

SHA256
8d869e17061fea86d3007b12dd2de8767701f329d8111149e22bc8852f339c95

SHA512
683fb8a05c71dbd00938e3625ebf64b0d902b4803c2cafd44bd3211786221aa9489d5539cea820a5d415c3d61219d3909cbcc29fdccf14b63b108f8fbcfda7b6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\71744db5734bd698_0

Filesize
52KB

MD5
89b9745de7a2dee991eabeef68ed7b04

SHA1
24a39be337a872cd310be57a9ad1b5835f3bf10c

SHA256
28ce542a200d309cc015868e3d5fa7f6e74d2803401e33917c352770a4fb2844

SHA512
77c9f088a5b20355eb05397f233275f830bfde61b244adbab15c42c29cd74833d5c9047cd36b9f41db79b18ce0a0ca1135482a20ff94cb788ca3cf92e97b0e92

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\7da200e6db062c24_0

Filesize
17KB

MD5
86ed66b9e65843bec7b8685328355428

SHA1
9d19018914da1549ea4800123e64e5bb2704b1d7

SHA256
046edbf2438b70e0b74257f8391d40189bc5358b7421164a3d311de03c29dd20

SHA512
4f95cd987df5daf0524760a9d52734649575c70505fdbaf8e5fe394eb1c61436734e75eca0cf262162bf7b48a76a72e55a9acec1039453a64616067e28862a15

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\839a43f53e80ae25_0

Filesize
33KB

MD5
164121a03417cfc8da747ac43fb0aff5

SHA1
c13b1780a1a9c5b410203c2f3be2df0b97241393

SHA256
30ca4108d8e8edf9879887c04c936a7ab2f2731a05accf629a0f94d434d60988

SHA512
f2bfbd5672c517f3421f332fe458fb492a12a9640f9d3e0524df4d404306d8d69821b76821fc82235b7615d23934a9fe64640f662c92b7f7576d3bd2bedc82b1

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\8593a3670c94c46e_0

Filesize
288B

MD5
a424f1c5d639b5c59d12cbf2cd511e4b

SHA1
678d93e32fcca4589514f36a007902382b0b0042

SHA256
b43d36c3d087973ad75a69fef7086d69b48bcae8f1d46bfb0adff6f4bee51f23

SHA512
7d7a6eb488f82fc8e140d3f68d92189bee60faa8fdc3cd63a434d76b6be55e7a99b2c7b6ffa158ff23c3919bbe072fff8fe9ac91e48dc4f3a684a78838a7c6f2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\95ebcb06db58e3c4_0

Filesize
79KB

MD5
0ae543937da807080aa84203293eb57c

SHA1
2f466f595519c3d94341731eb9aa1bc0defbc209

SHA256
b89603c41b2ac34ceda1de86ad73b93a773b91b45a7d71495f3908e7ed724100

SHA512
ae8f7be6ea6720ea2e5c92e87be436adb718a5ebb3302277dd74ba5837fbd5db715d873f06f0907dcfc248e4f1ef698541d3195c05bfb9f12a7b8d128733b603

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9c7ccc308cd1e78c_0

Filesize
304B

MD5
7bd365b288428b6d99a6afd9a0fc12ac

SHA1
238a801068309bd1e72fedcda7b768d7e514ef0b

SHA256
4ab548c4b490d964d5350755b4887f0aa84e977d9add20c52e44b8ed1d4fda5c

SHA512
d0ac057045a6eee65871393a57a7d74f0ecffc637a7e0c98c476f90a13b83c640d1795c6721dc9a8523abbeffd5ffc3f00faa96f28a2f07e65af4847895a1165

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\9e8ee0ee64b7937b_0

Filesize
241KB

MD5
7c3dac788c1ecb2f1ca117cd1a38c13f

SHA1
24d2e174399df52f9057ab65e09529f15b29f36d

SHA256
41b4a2fd5cac96933a9cdb6f7c9063bb883efca484f87fed695b4eaa94ca8e2d

SHA512
a195e7fd4081f6d8ff43adbbb9b420450b273240ae59fb11b0ea12e194c2fe187cb20f28acc9c67fab6b2bd970528c941fbf1a7ecae52894c8598625c9de314d

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\b0df825a2efb9c71_0

Filesize
292KB

MD5
6c9a2507b6e6169406f73185578bb03c

SHA1
738c85e168c5eb05be581d4eb5ffdee6eaccc09f

SHA256
3ef1af99a3616b09ed24714b29fd0d0c546e43e3b386d4881b5c31d14b10c9b9

SHA512
df81b495783861fc7d1668087d70a59d44777c5075ce05015092a069604eff3aa326d62dc276851907b415fb3a462d9f67e6a42658f206ea291a55a71a67e80c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\bea78b6c7f80502d_0

Filesize
248B

MD5
68217148ecb005f7484d1d78fc704dc6

SHA1
bf51a1e2c3e64b620f87f823d7b27c3ba4dbd348

SHA256
c6a373bd717ffeeab981eef8df2bafe195fd78b0de336a2486a780bed7591bce

SHA512
ad3f1346d4d868617f13760b46983d965d7373673a62e35419060b5e3df93d56f591f8a0e93f81a0c899dc0e80883e0ccfed0cdedcfc73ea01591dbc285a50fc

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\c9b95b70eb5aafa7_0

Filesize
265B

MD5
1b11e2d7bef8d913e058181c2b983f02

SHA1
3e2d545996a16fcd0cb8dade59203c60eba38fa9

SHA256
4373bad3ad7aa3866daec189b8d855ed9874ddda0de0d35d2127d486536cb100

SHA512
63040bc0ffe056e196ae77419f196e3fe2ea70be18d90517dbd7b5e252de370c2801d09ebcd8d0dead0e4df6b3f8bdbd745dbc6420e3bca7dc500e53f4979de2

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\da3819955f515f17_0

Filesize
52KB

MD5
dbbdcb3eba5943c82728a035f55d87d1

SHA1
4c320ca6723d0a2067836cf853548a7ec0ff90b9

SHA256
877623a23e086eff26495d41dbfffb2623e5897dd1e29db19451899d0d0f1534

SHA512
ffc8a75ca2a0275f704e04ec289521a42abecd9fddd380ab5ba420e08ff31f590078f26b714fd204832a151c30dff6017031779fb7b7c9cb9329f34821519550

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\da58192d9f6120d2_0

Filesize
276B

MD5
90ba864989523f2da4ea5347d251f745

SHA1
8ca8e98ded2bedddcc450af4f51fe68d89857b11

SHA256
1f5ba0ea71cc7ca0cf00fa77add7c57f70c5381e3f4f172b9f2a1213ff6cca21

SHA512
858b7d016f44657d867e7df2cd3dccdf2ca54b7223ffcb78ac654a8a0531b07cbcd2e52d59ecb2e971fc3913c72785f2034090479df23ce6a9bbca4fb8c2a410

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\dc995ef416548268_0

Filesize
292B

MD5
6ff32431992efbc8c8b8839d0242e744

SHA1
44e7e0e6a32b0f0f7d1dbda292cf7ef1a92db3c5

SHA256
828248a9ba6a351bbae18d12f55aeb7b413b25c0b0b60508ce91753f774010ee

SHA512
17ed93e5e4d701b304de0dcb87f94f88d196ee4f5b36bafbc8c0bd2ec14f3b32e49f1cf47d673f0bd113cd49fbf7f66d875ea54d0cccdd2b148f307f026ce5ec

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f35df1a0072762d5_0

Filesize
297B

MD5
6f2a74c4134db65ca5e48aed10ff9285

SHA1
2a25b4b34a3a886d9cd847d6d44b38e2143e4e69

SHA256
5596dc06acc0cf1c832a3e54dbcae6def36bfac702f86aef020f004c15f3cb30

SHA512
b02ebb1f23100dfe48630cc187c0260b35b27ee2998442d239e4818c81273e9611003880f69b55087ddd32cf41050225f5595f1d8812312a329c97ef430aaa4f

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\f87320ad9eafbd65_0

Filesize
3KB

MD5
da7ae02fd227c22cd64f44eb1df1dc54

SHA1
c7cc1bf5914bd5b12e38e87c46d8ba04391417d4

SHA256
bd29a8ba682b06ce772bdbb63a83b10c23f1a7d758e745e0362e7bd9e2ab84b9

SHA512
c2be0182ffac6df94fb17b941510706a6f6618bf3a401c32d133870819dc67fd147accb191de044be0967677676cd162fdb782ba5bc5f40e8d5aebbba9af86f7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
4KB

MD5
c534250fa57b5e9e2cb976c8e06fa2a8

SHA1
9b94ba3ed9721693c26da5b8d408e6244dbace69

SHA256
cc74fd1cd381c5ca3bb04bd5d83ddb9815a50f4d912a1d580ada8f0467c0a410

SHA512
cc47127f349d18e41fde271738408315316063ee456d09a9992ac3327311f72aea199856f3addd9fa6babb8329f641c663fb2e5d0f663fd4ec36f89541f3828c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Code Cache\js\index-dir\the-real-index

Filesize
5KB

MD5
42b20f19b29429f3c9910941eb5444f8

SHA1
a9899645405d0013fe3c928b7bf8395cafcee01b

SHA256
3bf1bc99e38379c1ec4e6a7c6a4ab736921b29ecaa2caf165d15a765cf36a1e9

SHA512
13a2ace33f6cec600f23c38f2996f218fad797055a4124bc494d027907c55a56a888a1b40c9737e6ed9d43f8d4d85884c9407cf7950b8f5a8ebd1e8194275a7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
17KB

MD5
e14043f32f1d6a63568bdde9c08687ff

SHA1
ffa9777df148235fd98e72fa7e5a33e9a1694032

SHA256
39b593ba8f045e7a13a3ea925c7f03864802c691bfec3a6c154aa7d8852cb75c

SHA512
bbd58b3b9d497a90444b21071cfba677165e52da0487311e703c0c42387c78f9d047383266bd9ceb0008405094c607976e0abee1cd06fce710cf8eb880e9b15c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
19KB

MD5
2fae4397634a3b2d1eacda4f4ab641f6

SHA1
10979b32668e2f7af0c85e95b40d003334d6e68e

SHA256
394b7bb182eca89a216acf70fd06a0531985355688f310389d551a814eedb201

SHA512
36dfcda5f7b32a96d495073be067750bed8d9c81141af02ffa779a3c6d0ce155f27b0f14268178dfd0b544afbc44f4607e237055e33434641a1731de6f4f2ae8

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\Network Persistent State

Filesize
15KB

MD5
949115f15dd1e9e1257fdc5803a9f188

SHA1
a555b16e912a93112c8383d61c13efebb7af56ff

SHA256
199a7bcc8e7084cac23d8a050eef5ccdfbd542bdd19c9db9beff691ccf6d62b0

SHA512
97656f13c7844bbd6c9a6e5fc3590da7fd1dc8a66c749e66a19306dcfb778b519df2098b3107b088ef6e4a5c9a7080ee49106473af3c3d2b12b7f48956e5acd4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
f37c4243c20106d87b684926e3b6ce46

SHA1
f4ca0d98cb466b2405a988d0bab32efb2592bcc9

SHA256
4efc51a80dbedfe067318270f63d29dec0682c02167ed0db633ed40399fcaec2

SHA512
a817ed0ea145458125e566dccd3ff4a398ec15e88bec128702917da09d548a7ee5ee22cd72b22fb8919f799f0e3e12353f6f7d0ac133816a3abb848d10b380f3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
57996aeab1402d19b2c7ff67cd5c1e2c

SHA1
24c99d9cb69a70f184db38a49b74eb6dbfb2491e

SHA256
db46e326e947de55b441c336ab65698246e1885082df7776b0e488ccfadc26b0

SHA512
a2be52fedee819b578006eefb0ac597baef679f95a874357f20df81595f22148107d2f177378e466022ed3f60975887869d189447373795a26e6e3c5f2592bb6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
5KB

MD5
db741134662882350289e75c9edd1015

SHA1
cd67f34673bcbbe42b226a5789e59531c593ac33

SHA256
5ea0170f87a5a5e297b90221ef6dafe660f3d803719dda829b0707bf8332c7b4

SHA512
43434d6fadb88643c808c176a54770b18e29f0ff1fcdf1ee0826681db7ab883610ae3046e269289b8cd8299953edc12f0d0b6225c6f0adfe1547b7b32d043125

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
1KB

MD5
1c72a36461ecdd4c73190ee0fbe139e3

SHA1
bb8c7101bffe5c6be73c7a602ef1017a254220a2

SHA256
a9a5b99d760e293e079ae56e51f7e790d448dd4a7f497a8a704498070f6b3481

SHA512
eb3fc91e29736e1a26db81e6eeb9d2610f73304c9206b31f9ae2f932e69811dae1b37c50b873b134c578eb6d7c67f6a3b2048d20fb5e27373491b97a0aa80b07

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
2KB

MD5
0ca191edb2229db77a1922e863d8e044

SHA1
5868a32ece9e19e4342df086bf72cd15564eb8e9

SHA256
a789eaedeaca3b2c61cc9ba6dff0587fc707fb38db5a410e6e36a58375b29383

SHA512
bace512b10f4bfd89543b6867c37c33bfd31e76a28714a1c80bc74a8aeb7218ae3522b1c29dda691eb615319d680e653ae15d06c0dcd351f14cab584430c9ea4

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
0699be209bfd15025dab19c8e3e4fa16

SHA1
a5be637ae55caaa26f3486c9620c81e2aa47f8fd

SHA256
eec8a22469393f136530ac442f13304c20ff440b787156b0e43aaf1347de1daf

SHA512
92cd24201a272824daafa1d5c46d3d0a659150945d22465b091ee4f0ddd559012e865c67d5eb2adbc46c7e7205f0e005cbf97f2be9d83618184e6e17332d051c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
0655bbd7d510b8600da3f05bb728fb14

SHA1
ea3cb149f4ded34c90287474a47382e99a9c80ee

SHA256
ad843190c8caa6f56cd8fd0236abb76118e75f5b84845afb5287e20b58eb4209

SHA512
4f28406b6fd71d7f1753eaa74ab0c2ed4976439969aa3865455fe5e3171af88bb9b064f74ec0177817cc9f940e2d80f5e047d2e1c3adfe208b0a81eb57271f7b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
3KB

MD5
e5bf55e58b259cf49446af408c3aa423

SHA1
7ba1aeb3ae2b9bfaf8a7b208804b672319a06fe7

SHA256
57787d2731175d29f4517425e419b8439ef13a11fa5cdb466ea428a44f60112d

SHA512
9384bb7ddbeed6bd1cd796b58b4f051e34415d68cc639f0a7c71e002c7790f2903af80acc77922345ca7f38634133d3f6d7c8a8a419ce9ac61e953dfc54a6370

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Network\TransportSecurity

Filesize
4KB

MD5
d7b8fa07af7ea1220c59856fbd22cc87

SHA1
682468d7d8dd86aa11eea4258fbeefd559345ce2

SHA256
2d2134dcb45c653237cc4d67028ff5c727874b8ca8fc5c423dcf656c67b0f531

SHA512
ac138ddc98e99f2e8012e6ecbf3f249cd1a305e5b34c2938a28177055666c6e527032db8c472341e48dba7278c397f9695a1317a2c30ebb94a7d990cb069e4ee

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
8ca24e5e7017e04942a3feb8db2dafa5

SHA1
2feaa639a2f00a9141941c0cc5ddccd2279a3bd7

SHA256
08d8fb32f7f929359cfa761145048240bddec00850a0ad142c396b1c8b92c494

SHA512
0f6314a0ffd46e1dc8cb26b319758592f166339bc57057029808850b2e04f86474ca1ef7010d2ffcd3b4fd8f558fdd21edd8e6da7e57806d274afc9dcbe00d21

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
ddf2f12aa1924f0680f9a1adfba08925

SHA1
fa8d411dad9dbfe276d92032dc69e5899206d1bc

SHA256
b1d2e5a1433c60a20a308322669aef3fecc4cbe2146ac2df1811f42bf1d73e15

SHA512
2f242c4928c8c702f4fb6124c5865015ee45be065c711b67ff096fe448bc0224a900d96aa8286dbe347348bde2a2ae0d515550bac05b21c7540de4174d997120

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
90126b0e4ed24c6867f9bf87b4d95b7d

SHA1
71afe91335b7593c2a2069a61d89a93b302d45a7

SHA256
6de4f90dc76e5a3b9a1758a3f9c9f895be99c572ed1cbfae1ffad94eb2077c0e

SHA512
41023336a447d7907fe2b9930a812d54e219e83a43ae52e031861b8142791d35beb2ba88f08f6621c4576103d303a1ce5a4e491a74a76d3066228628cd5069c6

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
731fe4b0f2d4be6fd649883d418403b1

SHA1
02906de35fe439db05eb23fb0ba3db29855b88ee

SHA256
8840af7343beb5d09b79f56596cc1d50fcf379538c802163023849e16683cb8d

SHA512
61e9122a9755ba234cc21ace34cc1ba9d7f0084b050bf09bcafd37420499759305c64f51438be9b48057f1ff617b1f5f5d0000ad48e6c1fb33142a2ca3b63a42

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
7KB

MD5
845cb3f2289da1f16e774880b66370ce

SHA1
2539f4bbb8f85156242429c8466fc49cd4d6f8a4

SHA256
cee51cdd6f9b1fb7dcd908f06a8e3aa88b7c6fdbaa025097664f30875b83a7df

SHA512
5e14217b87a56599b8e9fd5ce36283c43217f21e9ee36da0fd484669fa98a6e142e9263611386a0228efde4b0d923267c66f7ac8a094019a3cafb37b7513719b

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
6KB

MD5
9d44cb84e0bb6f96fadcccd48c5a53c1

SHA1
f338d95006ab9ed7ce55eb85b0ec2f31d25f5ee7

SHA256
8941f1797781f482f879b71136d4e9cdefeffed91ca25cee2769d46aff685e65

SHA512
ef7fda6c4e1a24defcb47957eb856fd879d9ee99947ec49902d7d0ea1ac5d6274aea4ddf48f2b48472880a8c5ee57a60d4ea5549d24167ef6ebdf39840a2253c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Preferences

Filesize
8KB

MD5
61e69afd4b13224f40562b1bc36a7270

SHA1
51c8b996a2f0c407c6da0c9ca5ada9df07c9e8b2

SHA256
0a72a6b594b119b1279d37576e2f25fbd6624093162f76a7e2c37134bb2c17ad

SHA512
7d985a5b3604ceecbeb809de3d98f8c9c87991c2ee748900e3e78944c66651067000c4e2a702c8df77d576b60c480de94dbcb6794cc749746dd63e5d3eb55020

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt

Filesize
56B

MD5
ae1bccd6831ebfe5ad03b482ee266e4f

SHA1
01f4179f48f1af383b275d7ee338dd160b6f558a

SHA256
1b11047e738f76c94c9d15ee981ec46b286a54def1a7852ca1ade7f908988649

SHA512
baf7ff6747f30e542c254f46a9678b9dbf42312933962c391b79eca6fcb615e4ba9283c00f554d6021e594f18c087899bc9b5362c41c0d6f862bba7fb9f83038

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Default\Service Worker\CacheStorage\379f1cbab5b08b6fc9e08681e42d8be311441c88\index.txt~RFe5b027d.TMP

Filesize
120B

MD5
7f37ea9789c2fe640568ae338b389aa3

SHA1
c700b5df6f8198af6370e8f390fac6c696c89df8

SHA256
2ae78d33d235c47505bb15e45e466959f669d5bb1d2bda6814bb5affb0b0b73c

SHA512
6fb5082f8b24669f825b5cfdce00f02665b22b0d3c4deaec23acc643e9dff93c3d691b0d0745bb980389848ef25d356a21581e7b989a03066a120070caa4382c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
253KB

MD5
092452c434d658e449eefd44050f98a8

SHA1
9a17f28883313fb4a3b1ced0e1b53124ff56bb1d

SHA256
af47caed0003bbcb9719714ae2844e7c6623bfa075808d66667ae1a5ed7090c7

SHA512
48c0ba58a085fbc48c84be8d70779eb175d19d4a91c37ca8e7d4648914e0391c2f7e255029bb954eeeb21904c0abf69a7bc57cdeaa09f5d4b3f56dc88f7c84e5

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
253KB

MD5
23d481d29db637c9ab0eb76681f1de28

SHA1
aeb80aac6d3564036c29235b58eafe2b2e4217e1

SHA256
145f6540190fb1ec7bfbf6d4660987ef50d69d8b60ff649007349aea60d9e13b

SHA512
caf6eca29e5fdf4d3bdcdd1e244d982f8ff034467d425d6dd2d4375bfbd8bb6f748acf3b526b13dbcb0d416fdb73f43d8d88b146508d99d234ff52f43d4ad58c

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Local State

Filesize
253KB

MD5
3e9410301b0a4bb6e270ffa5cbca4bd3

SHA1
d95edfba947bcf5e8df0624befb9a4929637ad58

SHA256
73959fb4625a78f0e384258c2451275d99c72826dda12bf1b93f96ac806538ff

SHA512
ee9099041d30610401f9b32a4bef409f25ca948ff9e4794116c1fc80d7267fd1d4276ccc06b3a826d0031cf3587190ae8f166d1baff0d66c660e5963dc5ff8b3

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache

Filesize
111KB

MD5
3d5ec205b56683e5ddbe7d6e94875d2b

SHA1
76f393a24e0a0264b3edf6cba1a84019d31a6df3

SHA256
796d39bbbb7b8ab3e7e61f417704c1269c53a19d86b731cfc28fea1a37bfd721

SHA512
74a88cb88450a8cb6d6cddde160eba5d85d53ed0f887e853d29f30da332a7b3ab7333fb16c2d86e4da9ae1ee2a89b4c7c488e916f0e5a9a906047c1cf89ec6c7

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\Module Info Cache~RFe57caa3.TMP

Filesize
105KB

MD5
5826bdebcc6d83e2771011f12cf61cb7

SHA1
c455c7864162161f229104685adf9f398d4f788b

SHA256
c6533862697d5822df2001576701d6499e113a49550e66b918c861d9c0150320

SHA512
a73a26e457e1cca39458a013c271b61d11253481db39257efd780d3db1e677238e56c549ccc9a0fe85ed7f7691b1da68e950827baf411e43427f63efe909eb47

Download Submit
C:\Users\Admin\AppData\Local\Google\Chrome\User Data\persisted_first_party_sets.json

Filesize
2B

MD5
99914b932bd37a50b983c5e7c90ae93b

SHA1
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f

SHA256
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

SHA512
27c74670adb75075fad058d5ceaf7b20c4e7786c83bae8a32f626f9782af34c9a33c2046ef60fd2a7878d378e29fec851806bbd9a67878f3a9f1cda4830763fd

Download Submit

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Request

HTTP Response

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Response

HTTP Request

HTTP Request

HTTP Request

HTTP Response