Report - recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade

Report Overview

Visited public
2025-02-01 10:52:59
Tags
URL
recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Finishing URL
recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
IP / ASN
172.67.169.107
#13335 CLOUDFLARENET
Title
RecipesAlba

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Domain / FQDN	Rank	Registered	First Seen	Last Seen	Sent	Received	IP
logger.21wiz.com	unknown	2024-02-13	2024-10-08	2025-01-27	2.7 kB	4.0 kB	172.67.214.3
user-sync.adxpremium.services	25923	2019-07-04	2021-01-15	2025-01-27	605 B	660 B	104.22.51.178
ml.pubcircle.ai	unknown	unknown	2024-02-27	2025-01-27	3.2 kB	3.4 kB	80.77.86.40
nakamasweb.com	165793	2015-11-05	2016-02-20	2025-01-27	434 B	1.6 kB	104.21.21.156
sync.cootlogix.com	unknown	2017-08-21	2022-08-31	2025-01-25	542 B	592 B	24.144.114.245
ghb2.adtelligent.com	10421	2003-02-08	2020-04-01	2025-01-26	495 B	1.5 kB	107.151.11.18
cs.pubcircle.ai	unknown	unknown	2024-11-26	2025-01-25	1.1 kB	434 B	80.77.86.40
platform.bidgear.com	30367	2011-08-30	2016-07-27	2025-01-31	452 B	2.9 kB	104.26.2.107
go-sync.adxpremium.services	unknown	2019-07-04	2023-01-26	2025-01-29	629 B	1.1 kB	104.22.51.178
setuid	unknown	unknown	2024-11-22	2025-01-29	1.0 kB	0 B	0.0.0.0
mp.4dex.io	2629	2018-04-02	2019-01-03	2025-01-30	1.5 kB	3.1 kB	104.18.34.178
ghb.adtelligent.com	5527	2003-02-08	2019-05-01	2025-01-31	494 B	1.5 kB	107.151.11.18
pl.21wiz.com	unknown	2024-02-13	2024-04-08	2025-01-31	1.6 kB	14 kB	172.67.214.3
prebid.admatic.com.tr	unknown	2014-01-06	2024-01-19	2025-01-27	3.2 kB	6.4 kB	172.67.73.96
s.ad.smaato.net	704	2006-05-16	2020-09-06	2025-02-01	2.9 kB	1.9 kB	143.204.55.53
recipesalba.com	unknown	2024-12-26	2025-01-09	2025-02-01	15 kB	2.8 MB	188.114.97.1
sync.adprime.com	23917	2003-07-23	2020-06-16	2025-01-28	1.1 kB	1.0 kB	8.2.110.13
cs.pgammedia.com	unknown	2017-08-13	2023-09-20	2025-01-28	1.2 kB	1.2 kB	80.77.87.200
static.cdn.admatic.com.tr	unknown	2014-01-06	2024-01-19	2025-01-30	3.1 kB	24 kB	172.67.73.96
static.21wiz.com	unknown	2024-02-13	2024-04-08	2025-01-27	3.1 kB	458 kB	172.67.214.3
21wiz.com	unknown	2024-02-13	2021-02-01	2025-01-27	909 B	132 kB	172.67.214.3
track.us.org	unknown	unknown	2014-01-09	2025-01-28	589 B	827 B	185.59.208.177
fstatic.netpub.media	974484	2021-06-11	2022-01-24	2025-01-26	3.8 kB	590 kB	104.22.52.160
dsp-service.pixad.com.tr	unknown	2019-09-30	2023-11-16	2025-01-30	678 B	1.7 kB	172.67.74.147
gpp.netpub.media	unknown	2021-06-11	2024-12-11	2025-01-30	913 B	1.8 kB	104.22.52.160
prebid.axis-marketplace.com	unknown	2022-09-29	2024-03-24	2025-02-01	1.5 kB	720 B	80.77.87.74
csync.loopme.me	1009	2012-08-22	2017-10-10	2025-01-28	2.3 kB	1.4 kB	34.1.224.215
imp9.bidgear.com	34078	2011-08-30	2021-03-15	2025-01-28	547 B	712 B	104.26.2.107
netpubmedia.rtb.adtarget.biz	unknown	2024-11-21	2024-12-23	2025-01-27	4.2 kB	8.1 kB	172.67.69.246
prebid.smilewanted.com	7767	2015-10-05	2019-07-25	2025-01-30	2.0 kB	2.1 kB	104.22.31.209
sync.vistarsagency.com	unknown	2023-05-27	2024-09-12	2025-01-28	1.1 kB	448 B	95.216.70.52
www.googletagmanager.com	75	2011-11-11	2012-10-04	2025-01-29	434 B	114 kB	142.250.74.168
delivery.r2b2.io	44689	2017-11-01	2021-02-07	2025-01-28	916 B	256 kB	151.101.131.52
cs.admanmedia.com	2357	2009-09-02	2017-05-05	2025-01-27	4.9 kB	9.7 kB	80.77.87.162
endpoints.dochase.com	unknown	2013-02-07	2024-01-31	2025-01-31	1.3 kB	348 B	8.2.109.53
script.4dex.io	2135	2018-04-02	2018-07-23	2025-01-30	862 B	22 kB	104.26.9.169
sync.vqserve.com	unknown	2024-09-01	2024-10-25	2025-01-27	912 B	1.3 kB	87.242.104.235
csync.smilewanted.com	5015	2015-10-05	2019-08-06	2025-01-31	1.8 kB	6.3 kB	104.22.31.209
cadmus.script.ac	unknown	2020-03-18	2023-03-09	2025-01-31	426 B	400 B	104.18.41.30
ssp.disqus.com	7563	2006-12-07	2021-02-08	2025-01-25	2.9 kB	675 B	107.23.13.97
a4p.adpartner.pro	45743	2015-04-28	2015-05-23	2025-01-27	583 B	447 B	51.83.220.94
code.21wiz.com	unknown	2024-02-13	2024-04-08	2025-01-27	17 kB	449 kB	172.67.214.3
sync.console.adtarget.com.tr	6094	2019-09-30	2020-04-08	2025-01-27	652 B	346 B	185.83.71.234
us.ck-ie.com	3516	2020-01-08	2020-01-11	2025-01-26	1.2 kB	254 B	8.2.110.70
static.smilewanted.com	13718	2015-10-05	2016-09-03	2025-01-30	451 B	50 kB	104.22.31.209
cdn.cookielaw.org	502	2011-06-20	2013-12-28	2025-01-29	425 B	2.7 kB	104.18.87.42
ghb.console.adtarget.com.tr	70305	2019-09-30	2020-05-22	2025-01-25	3.6 kB	4.9 kB	185.83.69.58
onetag-sys.com	1840	2015-04-05	2015-04-08	2025-01-29	7.1 kB	4.5 kB	51.38.120.206
prebid.admanmedia.com	unknown	2009-09-02	2022-11-10	2025-01-27	3.2 kB	1.4 kB	109.206.161.28
csync.copper6.com	unknown	2023-01-27	2024-08-20	2025-01-31	1.4 kB	1.3 kB	80.77.84.96
dsp-service	unknown	unknown	2024-10-23	2025-01-29	661 B	0 B	0.0.0.0
dsp-service.admatic.com.tr	unknown	2014-01-06	2024-01-22	2025-01-30	723 B	2.9 kB	104.26.4.92
cdn.jsdelivr.net	439	2012-05-16	2012-09-30	2025-01-29	1.5 kB	4.8 kB	151.101.129.229
www.temu.com	unknown	2003-04-29	2021-09-28	2025-01-26	1.2 kB	1.5 kB	172.64.144.50
sync.colossusssp.com	2477	2017-10-10	2018-01-12	2025-01-28	1.7 kB	1.8 kB	172.240.155.108
cs.axis-marketplace.com	unknown	2022-09-29	2023-04-26	2025-01-19	546 B	0 B	0.0.0.0
prebid.a-mo.net	1148	2017-09-08	2020-07-14	2025-01-31	4.3 kB	2.6 kB	163.5.194.35
ghb1.adtelligent.com	6699	2003-02-08	2020-04-04	2025-01-25	495 B	1.5 kB	107.151.11.18
cs.playdigo.com	unknown	2018-01-24	2024-08-14	2025-01-28	1.2 kB	1.2 kB	80.77.85.111

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

Public InfoSec YARA rules

No alerts detected

OpenPhish

No alerts detected

PhishTank

No alerts detected

Quad9 DNS

Scan Date	Severity	Indicator	Alert
2025-02-01	medium	dsp-service	Sinkholed
2025-02-01	medium	setuid	Sinkholed
2025-02-01	medium	setuid	Sinkholed

ThreatFox

No alerts detected

JavaScript (41)

	URL	From	Size	First Seen	Last Seen
	recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade	ScriptElement	161 B	2025-01-09	2025-02-03
Pretty URL recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-09 02:37 Last Seen2025-02-03 16:48 Times Seen16 Hash 17fdb636d3b37d20612341373a525a52 0516b4b39c64ba3eefa49a7e221c2fe1c4fb37ca c8355eb331c6ceb344967b2d85d4424dedd832530b07278806291fb311ca6c31 Loading...

	unknown	ScriptElement	12 kB	2024-09-20	2025-04-07
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2024-09-20 20:47 Last Seen2025-04-07 07:31 Times Seen472 Hash ec2f00fdb3740663fead38bae2fe7a4f 1c65635a27db3678cc2b8eb576cd91f88e3a4efa 553e2db1eee91032cad18bdf79cf07dd8301deccd57d320c822bd990573953fa Loading...

	unknown	ScriptElement	213 B	2023-11-03	2025-02-04
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-11-03 23:17 Last Seen2025-02-04 16:38 Times Seen371 Hash 20e618a9fc30510f194aea3df5f6e3e0 157a06574a7f457001544a338ad17f866278ee6f 8ee54bc9874a800fb67c1c894e9676e0e591d2431f0391c010dd83a6f10736ff Loading...

	recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/sandbox%20eval%20code		126 B	2023-05-06	2025-05-14
Pretty URL recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-05-06 07:30 Last Seen2025-05-14 01:28 Times Seen4950 Hash 3aadd83f50b7c1d98629539e86352902 03ffa3877df22f5e914d44883bf8d507a2422224 199ae99622780237f3280e942ddd2e4f53791d56513a3e87804c7e5778533bb5 Loading...

	unknown	ScriptElement	1.1 kB	2025-02-01	2025-02-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-03 16:48 Times Seen2 Hash 008dbf7c4f3366a82504696d8ea81273 90fa36da0adeae9f5366cff1c2e9f319ef1ba08b cd72a798dcc41e9ff776a331703f61234c0f582c015c1dfc1df6bebb54dde2ac Loading...

	code.21wiz.com/go/bmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&tanc=&ancs=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030	ScriptElement	55 kB	2025-02-01	2025-02-01
Pretty URL code.21wiz.com/go/bmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&tanc=&ancs=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030 IP 172.67.214.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash b6121e6b472ccfd0ea52cddeb4a3fb15 e0b968e6740f714062f91179521c45197660ae24 47ccc0060ac115e3dd143f09c01daea00d67cec9fd7cd2a3ebde85b21b6087c0 Loading...

	static.cdn.admatic.com.tr/cookie.html?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae	ScriptElement	0 B	0001-01-01	2025-05-14
Pretty URL static.cdn.admatic.com.tr/cookie.html?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae IP 172.67.73.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-14 05:24 Times Seen4677408 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade	ScriptElement	237 B	2025-01-09	2025-02-03
Pretty URL recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2025-01-09 02:37 Last Seen2025-02-03 16:48 Times Seen16 Hash 594cf3d27e3e698d6aac5dc75ca8a4b3 0b76bcaec76ebc086c5af9067f419d7bd81b9b7f c0f7e48004eb9efc5582ecc53563cefd6c66e4170d27e441db0b58953b0c616e Loading...

	recipesalba.com/js/news/bootstrap.bundle.min.js	ScriptElement	78 kB	2023-03-07	2025-05-14
Pretty URL recipesalba.com/js/news/bootstrap.bundle.min.js IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:06 Last Seen2025-05-14 02:22 Times Seen4945 Hash 7ccd9d390d31af98110f74f842ea9b32 a85e681624c91a106a514c31eacf80de817b2cc3 f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3 Loading...

	cadmus.script.ac/dahhc4ozyvjm6/script.js	ScriptElement	3 B	2023-03-07	2025-05-14
Pretty URL cadmus.script.ac/dahhc4ozyvjm6/script.js IP 104.18.41.30 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:04 Last Seen2025-05-14 03:43 Times Seen5862 Hash b519d08ef66fd54910edbedba6181ec2 8d06436c33a3086259f2f1ccaf03425707eeff17 101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860 Loading...

	fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1	ScriptElement	739 B	2024-12-11	2025-05-13
Pretty URL fstatic.netpub.media/extra/cmp/cmp-gdpr.js?v=1 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-11 18:21 Last Seen2025-05-13 15:33 Times Seen540 Hash aaee79c1ad6d5d6ce8c18aa000285386 3c20aa1526d0d2a123a665e563b3b7427b3b33cb 078ca4194bef5fc3c8e4c9e79f0f65254c1bf602d7c8ad4d589a60052a618074 Loading...

	fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143718	ScriptElement	191 kB	2025-02-01	2025-02-03
Pretty URL fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143718 IP 104.22.52.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-03 16:48 Times Seen2 Hash 44891a49b3234615829ce93bb17a1e01 06395b274041bcd108bd77527de34422ec23e54f c0f9147cdd32c47a89fe952ba7926d500f7d32358b7b6c3ff320892bd4fef71f Loading...

	fstatic.netpub.media/renderer/prebid_241216.js	ScriptElement	681 kB	2024-12-20	2025-04-06
Pretty URL fstatic.netpub.media/renderer/prebid_241216.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2024-12-20 17:32 Last Seen2025-04-06 03:38 Times Seen586 Hash 8e95e7a8fe634790d50e7da1f895e075 b80f5a78c1a450fb57be84061f84d1c1f7411a3e 792b9a55a780caaeccdd056084e57fe644b87caa9ba71062c6b3008726c1daac Loading...

	www.googletagmanager.com/gtag/js?id=G-SFD9KDMYHP	ScriptElement	340 kB	2025-02-01	2025-02-01
Pretty URL www.googletagmanager.com/gtag/js?id=G-SFD9KDMYHP IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 6fdada259aeabd27ae88e2db7fdd430e d7342800282f521238558e7f1a5e89e4db6435fe 0b5beb8a9e682d1f5eef9573b39a17a2d8d9f67d4cb5e721bcf56caeda4efe2e Loading...

	static.cdn.admatic.com.tr/sync.html	ScriptElement	0 B	0001-01-01	2025-05-14
Pretty URL static.cdn.admatic.com.tr/sync.html IP 172.67.73.96 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-14 05:24 Times Seen4677408 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	21wiz.com/s.js?v=480a3786f25b10cc21aadc157c93c886	ScriptElement	4.1 kB	2025-02-01	2025-02-01
Pretty URL 21wiz.com/s.js?v=480a3786f25b10cc21aadc157c93c886 IP 172.67.214.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 42accb00f104a6258534800751e5928c b53c79bf90f502f71b90d640a1e1be9c20654c59 4991eb7d7a911a4f368b05941036cac1aebab1433698eb4b557bb8921e1f7072 Loading...

	static.smilewanted.com/js/decode_consent/decode_consent.js	ScriptElement	50 kB	2023-03-07	2025-05-13
Pretty URL static.smilewanted.com/js/decode_consent/decode_consent.js IP 104.22.31.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:12 Last Seen2025-05-13 15:33 Times Seen2561 Hash 00ff8001302d3748ba139466fc3910c1 8210e702fe525e6cddc84758ec51e96a4d703186 eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f Loading...

	unknown	Function	63 kB	2025-01-07	2025-03-04
Pretty Introduced by Function Embedded in HTML false Observations First Seen2025-01-07 12:05 Last Seen2025-03-04 09:41 Times Seen464 Hash d77b839a0e5b446bdee19468820ab6a2 b543b271c0c10ae4b34d9d59d053bf94b1b9087c 0a59bc3e7be55703d600f094c89e04c8d0ff49c9e49674ccaacb58ed874a9244 Loading...

	delivery.r2b2.io/js/7.33.0/online/public/bundle.cbd8417f20c172403260.js	ScriptElement	782 kB	2025-01-14	2025-02-03
Pretty URL delivery.r2b2.io/js/7.33.0/online/public/bundle.cbd8417f20c172403260.js IP 151.101.131.52 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2025-01-14 20:51 Last Seen2025-02-03 16:48 Times Seen30 Hash 34205814d5d169efc59f4c1044261948 2c0820d2ad0f9d3f92d59a75296bc4de99ead8f5 c51c6a2c91a46a5bccc8d55516a97c5a6091bf2500de189f9ea53430941a1d0c Loading...

	21wiz.com/cs/202502011352.js?v=480a3786f25b10cc21aadc157c93c886&_t=1738407144616.616	ScriptElement	125 kB	2025-02-01	2025-02-01
Pretty URL 21wiz.com/cs/202502011352.js?v=480a3786f25b10cc21aadc157c93c886&_t=1738407144616.616 IP 172.67.214.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash db6f6ae8afc7b38d4d75e38556cb5e5c 8a2474b1aa4d8d80da2334730e72834c5c7de015 78307ed0ff58261af6d9eeb3673c5b5a9773c78671bbf19126fac7b00936ea7c Loading...

	gpp.netpub.media/17384071447130.4166040621697784/run.js?v=17384071447130.4166040621697784	ScriptElement	251 B	2024-02-21	2025-05-13
Pretty URL gpp.netpub.media/17384071447130.4166040621697784/run.js?v=17384071447130.4166040621697784 IP 104.22.52.160 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-02-21 20:01 Last Seen2025-05-13 15:33 Times Seen1514 Hash 54f643b0fa8a7d71cb117679a6fbb2ce 573d440c0f9fa4cf53e85cf86a86eba173933a1c 851d2ece063bcac9a5addec55308a32557f978d2daf3950395fc3dc41e9e9336 Loading...

	code.21wiz.com/go/pmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=popunder&fmt_id=7&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&w=1280&h=1024&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030	ScriptElement	37 B	2024-11-08	2025-04-05
Pretty URL code.21wiz.com/go/pmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=popunder&fmt_id=7&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&w=1280&h=1024&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030 IP 172.67.214.3 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-11-08 08:12 Last Seen2025-04-05 16:35 Times Seen164 Hash 88ef3472f65daa49e868b78fbb6b803e f30ea68719a4c44caacc97ab47abde1c4d184b9f 1609218fbb4e5891df63ac0d9a3dc800b045d2e2d47b84bc641326618643c907 Loading...

	csync.smilewanted.com/	ScriptElement	0 B	0001-01-01	2025-05-14
Pretty URL csync.smilewanted.com/ IP 104.22.31.209 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen0001-01-01 00:00 Last Seen2025-05-14 05:24 Times Seen4677408 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	delivery.r2b2.io/get/recipesalba.com/generic/300x300/mobile	ScriptElement	24 kB	2025-02-01	2025-02-01
Pretty URL delivery.r2b2.io/get/recipesalba.com/generic/300x300/mobile IP 151.101.131.52 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash f67a5e504bf12d98548d9479331d32d8 3a3756b9979af3231baa1dace99a2f56259a390d 5ccc8823b47e8d74993e091de77c3b95594325dc8a5db8ffb80e67757a8ef3c2 Loading...

	recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/sandbox%20eval%20code		136 B	2023-04-11	2025-05-14
Pretty URL recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/sandbox%20eval%20code IP 0.0.0.0 ASN #0 Introduced by Embedded in HTML false Observations First Seen2023-04-11 21:23 Last Seen2025-05-14 03:16 Times Seen41752 Hash fb4eb094524daea58bf7f82331598541 f5ca39eb98fa1685f8647514a627d3d7f216f7ef 7cbf1e77bb9277bac7030ded2087246adf5c59564a5a1f28ce8c09be6ef48683 Loading...

	platform.bidgear.com/ads.php?domainid=8585&sizeid=1&zoneid=10281	ScriptElement	2.0 kB	2025-02-01	2025-02-01
Pretty URL platform.bidgear.com/ads.php?domainid=8585&sizeid=1&zoneid=10281 IP 104.26.2.107 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash f3dd061f285d78a3c06e1b6bdc427ea9 bca4e6fa1315da85c76a9c11639048268aae099c d48cf7ab41ce188ddf8c4c7ec834e7edf57c6d330f545c612be102d1d140b3a9 Loading...

	recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade	ScriptElement	167 B	2023-03-14	2025-02-03
Pretty URL recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade IP 188.114.97.1 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML true Observations First Seen2023-03-14 01:22 Last Seen2025-02-03 16:48 Times Seen143 Hash 2664db46e74c867844ed9022ea8425ee 604e1b9ab7a41b6f16e4fb5a24e7b8f27eba8097 93047adf655f33999ab4fead5789d1a7c24674bf03e75a443a2d5c7fc63da1e1 Loading...

	recipesalba.com/js/news/scripts.js	ScriptElement	318 B	2023-03-11	2025-02-03
Pretty URL recipesalba.com/js/news/scripts.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:31 Last Seen2025-02-03 16:48 Times Seen160 Hash d8e2fb68ea2084e9953af99618598e4b 2b1da7b213e008fea0de1cdb744b2a8c8439f2e4 1dd3827d1f24fdef6dd3ee9c96ff047c9b66b100cbc6a960bc549e62aa1cb9f6 Loading...

	script.4dex.io/localstore.js	ScriptElement	1.4 kB	2024-04-16	2025-03-04
Pretty URL script.4dex.io/localstore.js IP 104.26.9.169 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2024-04-16 22:06 Last Seen2025-03-04 09:41 Times Seen3091 Hash 00a8e13a83b2bbab51af8e55f52be363 57340eb5c07e50d96f4a04bd4c220f0f24cec649 3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7 Loading...

	unknown	ScriptElement	314 B	2025-02-01	2025-02-03
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2025-02-01 10:53 Last Seen2025-02-03 16:48 Times Seen2 Hash a1884425d875175c3acfb438ea3af85c 376a007012b24841afa69c7c6b13fba2c2934a05 50e360d5caefd2d4faade276d69ebd5a3796a7325b27cc6de8cbb050c6233cce Loading...

		Size	First Seen	Last Seen
	#1 Eval - 674e2d216b7ba58ca876bc8f27a9ff1e	4.4 kB	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 674e2d216b7ba58ca876bc8f27a9ff1e b679513a955240223814592a4931978e3d9b3d8d dcc421eb1c637d139a0a90b8ddf9d05e69d5aaecc5aae4cdc0ab2cfcb993804b Loading...

		Size	First Seen	Last Seen
	#1 Write - f1b4398fea9bd745c354b0febc0d832d	684 B	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash f1b4398fea9bd745c354b0febc0d832d 5aa6cf64ac2d90d52aad53e9fbfcca810695680e ea2ff7d115d69769ddc8efe853d6fe924d1deda3a26d343ffa74770cd655e332 Loading...

	#2 Write - 454475a8dfe33288a21784d687450f76	22 kB	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 454475a8dfe33288a21784d687450f76 4ba611bfb637a95033b353fb77fee17100d802dd a44de4c4f7c4fea9d1e5baf05c5501001fef3ba13dce94ea0da2ed30007087cb Loading...

	#3 Write - bbb64cc3db5f3f9f6f1e7eff71fcc2e9	5.9 kB	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash bbb64cc3db5f3f9f6f1e7eff71fcc2e9 49b221ca2f6b2336bd4c88bb56420c06bf1266e9 127013ab14353558f8902b11e795f676e9fd5f72ec9b7eeb6f5863a2258c61b1 Loading...

	#4 Write - 881b46276d947efb814800f1ce81462f	20 kB	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 881b46276d947efb814800f1ce81462f 454798724bb5702eae95fce269d3f64ba2141297 15d3de746cfb5702168415ec5ed0fe268c4c31a2146600a003d4eafbf7fc8944 Loading...

	#5 Write - 6553c45531c5479defa3c2198f1605ec	2.0 kB	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 6553c45531c5479defa3c2198f1605ec 98740fb0ca9143009e8395859fb96ad96c740353 935833b4d65b11a2316a63add8d44510edb5826e19d940bc57b9be28772cfd00 Loading...

	#6 Write - 0c4bd8d542bd6b467f814a8e0dccd0be	595 B	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 0c4bd8d542bd6b467f814a8e0dccd0be 2f962f36ebdf3318f510307c41bed048334d8c97 56c505c36a40d02ae3293e2412ed85ca00a1d175a0d7594b14a583ac97bf1e46 Loading...

	#7 Write - 808fb7af0b82f10caa99c0f50f6a9774	717 B	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 808fb7af0b82f10caa99c0f50f6a9774 61f8c80ca3baec900f7e5784f1270a771879e8e9 cc34b9bd5033942f1fd040329c12cbf04962d5290f861d1971474256081d766b Loading...

	#8 Write - 307d4d87366a5e58d3686c79f1d0511a	20 kB	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 307d4d87366a5e58d3686c79f1d0511a 9741aba454cbd5e922ca44a166dd7189952da888 d6b771614a685d2cf0b8cd9f600cdb7215d6f018dd96c5f71e219e2f2e4b09fb Loading...

	#9 Write - 75795f0e76891c5e7cf931b038555934	5.9 kB	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 75795f0e76891c5e7cf931b038555934 a33afb972c2badef375fdfbed5716e08c1b1bc0e e2cce43e2d35b92f47ab265ad44d4810311058502c270ed15989776a13191830 Loading...

	#10 Write - 629298f830a3d44523cd5af8404e7df5	717 B	2025-02-01 10:53	2025-02-01 10:53
Pretty Observations First Seen2025-02-01 10:53 Last Seen2025-02-01 10:53 Times Seen1 Hash 629298f830a3d44523cd5af8404e7df5 4b4dbb275969cc5a2cc2b336939331e621dc7f3d 179827dea22d950024c03ee547e14600ea4c017fc5b3b0628e451196fff7f4dc Loading...

HTTP Transactions (199)

URL IP Response Size

recipesalba.com/images/logos/logo.png

188.114.97.1

200 OK

13 kB

URL
recipesalba.com/images/logos/logo.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 115 x 70, 8-bit/color RGBA, non-interlaced
Size
13 kB (13055 bytes)
Hash
36301318ad2703e48ce4da9f3e6cec5f
27e29b57b11fde595aea9723d165cb8e4ba13458
0c26c7ad0a753635e2c5f5958b62dbcfdb8d150ca56d14384fd88999984d33d5

HTTP Headers

GET /images/logos/logo.png HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: image/png
content-length: 13055
last-modified: Fri, 27 Dec 2024 10:45:48 GMT
etag: "676e855c-32ff"
expires: Thu, 13 Feb 2025 17:42:37 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 1530586
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IBtJA%2By8J0nKJsMlsy5OdT0r6kKzCtOnTuzavYZUYikqNm4fBIaGrWS5zKWQCvupOLI2%2BIeB7VbarTJ7BPcHsdEE6XVGzon3RgU3VY8Oj4Jev3TTav64FZ81eQvf8gveeYo%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b164478b3a5684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4169&min_rtt=4080&rtt_var=1593&sent=27&recv=13&lost=0&retrans=0&sent_bytes=16257&recv_bytes=4678&delivery_rate=144359&cwnd=12000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=287&x=1", cfExtPri, cfHdrFlush;dur=7

fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143718

104.22.52.160

301 Moved Permanently

167 B

URL GET HTTP/2
fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143718
IP
104.22.52.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143718 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/service.js
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:23 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448ac5b56b4-OSL
X-Firefox-Spdy: h2

fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143720

104.22.52.160

301 Moved Permanently

167 B

URL GET HTTP/2
fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143720
IP
104.22.52.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143720 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/service.js
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:23 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448bc6e56b4-OSL
X-Firefox-Spdy: h2

recipesalba.com/images/news/4d0c20b4db7f.png

188.114.97.1

200 OK

395 kB

URL GET HTTP/3
recipesalba.com/images/news/4d0c20b4db7f.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectrecipesalba.com
Fingerprint01:B7:E3:6E:FF:04:05:A1:D1:17:BA:17:83:B7:48:47:9D:F4:53:09
ValidityThu, 26 Dec 2024 08:33:08 GMT - Wed, 26 Mar 2025 09:21:47 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
395 kB (394996 bytes)
Hash
9d39a2154947fa815c490561e8e86b16
a18fa5bfd330799917bbc57b57bd630a6828d1a5
3bd7182819c6f293eae6a27b24b52b3bc5fc2b9193581c62bc0061261b36dfa7

HTTP Headers

GET /images/news/4d0c20b4db7f.png HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: image/png
content-length: 394996
last-modified: Mon, 07 Aug 2023 11:54:58 GMT
etag: "64d0db92-606f4"
expires: Sun, 02 Mar 2025 18:50:47 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 57696
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gbgMeYN0ojQix6TbDggtMhaRJK5juhde%2BosFih5Z2Di9HXq2uJhFPEpdYUuyouwk7aa4%2FW3JDAUyGUfmjvCgiYAghL8jIh1%2BHbzo%2Bb74NmPHf0CHcWnUSeMvMDc1%2BM8XU90%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448ac695684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4384&min_rtt=4080&rtt_var=1052&sent=77&recv=17&lost=0&retrans=0&sent_bytes=73438&recv_bytes=5746&delivery_rate=6369627&cwnd=48000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=467&x=1", cfExtPri, cfHdrFlush;dur=0

fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143723

104.22.52.160

301 Moved Permanently

167 B

URL
fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143723
IP
104.22.52.160:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143723 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/service.js
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:23 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448ecaa56b4-OSL
X-Firefox-Spdy: h2

fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143721

104.22.52.160

301 Moved Permanently

167 B

URL
fstatic.netpub.media/static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143721
IP
104.22.52.160:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /static/56d8e76109aad0c06895b24547622d1f.min.js?1738407143721 HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: text/html
content-length: 167
location: https://fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/service.js
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:23 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448fcba56b4-OSL
X-Firefox-Spdy: h2

www.googletagmanager.com/gtag/js?id=G-SFD9KDMYHP

142.250.74.168

200 OK

113 kB

URL
www.googletagmanager.com/gtag/js?id=G-SFD9KDMYHP
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
JavaScript source, ASCII text, with very long lines (5960)
Size
113 kB (113025 bytes)
Hash
6fdada259aeabd27ae88e2db7fdd430e
d7342800282f521238558e7f1a5e89e4db6435fe
0b5beb8a9e682d1f5eef9573b39a17a2d8d9f67d4cb5e721bcf56caeda4efe2e

HTTP Headers

GET /gtag/js?id=G-SFD9KDMYHP HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sat, 01 Feb 2025 10:52:23 GMT
expires: Sat, 01 Feb 2025 10:52:23 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-security-policy-report-only: script-src 'none'; form-action 'none'; frame-src 'none'; report-uri https://csp.withgoogle.com/csp/scaffolding/ascgcycc:838:0
cross-origin-opener-policy-report-only: same-origin; report-to=ascgcycc:838:0
report-to: {"group":"ascgcycc:838:0","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/scaffolding/ascgcycc:838:0"}],}
server: Google Tag Manager
content-length: 113025
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

recipesalba.com/images/news/4d0c20b43863.png

188.114.97.1

200 OK

400 kB

URL
recipesalba.com/images/news/4d0c20b43863.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
400 kB (400362 bytes)
Hash
9c0beab4d16200763c78876e2a5ec8d9
9cb4480b3d9c90176f5de940d09857575c6d58fe
fa9695a8ff9387cf836f838da5cca6cfa2750cda4d0e3dbd30b34105fadb6b7b

HTTP Headers

GET /images/news/4d0c20b43863.png HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: image/png
content-length: 400362
last-modified: Mon, 07 Aug 2023 11:54:57 GMT
etag: "64d0db91-61bea"
expires: Sun, 02 Mar 2025 00:58:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 122012
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xxDHM8g6nuKCXE5Oys2yp5SUvu9DfDhO6Mdhl%2FAtVWYQqpUOYwmD3XQh1yJhA5gFMTfyIDB5fZ3s8rV8nvbLj9a1g1U89TzvwuX8AWGOiuBEDQTKY3U6UnZ%2BfzMPPKIJLJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448fcac5684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3747&min_rtt=1619&rtt_var=1114&sent=416&recv=25&lost=0&retrans=0&sent_bytes=479020&recv_bytes=10576&delivery_rate=8708019&cwnd=240000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=512&x=1", cfExtPri, cfHdrFlush;dur=0

recipesalba.com/images/news/4d0c20a907f2.png

188.114.97.1

200 OK

373 kB

URL GET HTTP/3
recipesalba.com/images/news/4d0c20a907f2.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectrecipesalba.com
Fingerprint01:B7:E3:6E:FF:04:05:A1:D1:17:BA:17:83:B7:48:47:9D:F4:53:09
ValidityThu, 26 Dec 2024 08:33:08 GMT - Wed, 26 Mar 2025 09:21:47 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
373 kB (373377 bytes)
Hash
2d66d855724c33a524abee3a038959a5
1bbedd8c24cce25082409b9e46e737843bee96dc
fc9bebaeb4f804ba97fd13972f6752ac5c27fc7be570fd46d056a854550c71d8

HTTP Headers

GET /images/news/4d0c20a907f2.png HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: image/png
content-length: 373377
last-modified: Mon, 07 Aug 2023 11:54:41 GMT
etag: "64d0db81-5b281"
expires: Thu, 27 Feb 2025 19:39:00 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 314002
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=o6VZy62jxuG7dB4hqouWJmG0ItwQdK%2BL61FG7gqyDwl%2Fu1qOsJtAtIR97I2MyAHOFDryKUjWxrfHKJE9mnagsSGmpEMe%2B859pgiqXvu%2BAHUVvqrY9C6fIwguUHDyZP1HVKY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448fcad5684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3747&min_rtt=1619&rtt_var=1114&sent=616&recv=25&lost=0&retrans=0&sent_bytes=719020&recv_bytes=10576&delivery_rate=8708019&cwnd=240000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=513&x=1", cfExtPri, cfHdrFlush;dur=5

recipesalba.com/images/news/4d0c20ab115e.png

188.114.97.1

200 OK

357 kB

URL GET HTTP/3
recipesalba.com/images/news/4d0c20ab115e.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectrecipesalba.com
Fingerprint01:B7:E3:6E:FF:04:05:A1:D1:17:BA:17:83:B7:48:47:9D:F4:53:09
ValidityThu, 26 Dec 2024 08:33:08 GMT - Wed, 26 Mar 2025 09:21:47 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
357 kB (356575 bytes)
Hash
c5f12ea02b895182fb582f94e67f705f
8e53d0936b081b81ea41351af1d66d09a2b3e664
b869609371dd3b946d286a261473c1987cf88e282337a836ac7b9bf9a987255d

HTTP Headers

GET /images/news/4d0c20ab115e.png HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: image/png
content-length: 356575
last-modified: Mon, 07 Aug 2023 11:54:44 GMT
etag: "64d0db84-570df"
expires: Sun, 02 Mar 2025 00:58:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 122012
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OK1oG2JtC2pk2RJklonY1lX1w6De0WYiK72le5cH5bNVLvQiQKxOppV3kCQjQNX20IeUnUWJzoElW6MVrrPau%2Bu4OtBqbiNlrkBbPtUwv2%2BExB%2BmkYhaYILsl0J1DuEbyAM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448fcae5684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3747&min_rtt=1619&rtt_var=1114&sent=616&recv=25&lost=0&retrans=0&sent_bytes=719020&recv_bytes=10576&delivery_rate=8708019&cwnd=240000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=514&x=1", cfExtPri, cfHdrFlush;dur=4

recipesalba.com/images/news/4d0c20b61cf4.png

188.114.97.1

200 OK

383 kB

URL GET HTTP/3
recipesalba.com/images/news/4d0c20b61cf4.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectrecipesalba.com
Fingerprint01:B7:E3:6E:FF:04:05:A1:D1:17:BA:17:83:B7:48:47:9D:F4:53:09
ValidityThu, 26 Dec 2024 08:33:08 GMT - Wed, 26 Mar 2025 09:21:47 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
383 kB (383080 bytes)
Hash
a0500a084c517498617ebd8fa2d59d89
9ecbb50d604314bed48e25a22f2bb7a18dc4e585
d80ac99d28eb98f3335847a8a9bf21187022929e6c2f0a7a591deb85286ecc38

HTTP Headers

GET /images/news/4d0c20b61cf4.png HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: image/png
content-length: 383080
last-modified: Mon, 07 Aug 2023 11:55:01 GMT
etag: "64d0db95-5d868"
expires: Sun, 02 Mar 2025 00:58:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 122012
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GnwLmG8fS8tm%2BdEmc9rO%2FN%2Fh4QrfY4cbHQMc65XjzejYf76SOm3hlQYe1kktBTMJpWTEY4Kq4vf11QCoGl7F3ZnPUNg1JDDPE3EVjnhJZfgermaNBzd5MR1o2UCxCayGTHU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448fcaf5684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3747&min_rtt=1619&rtt_var=1114&sent=616&recv=25&lost=0&retrans=0&sent_bytes=719020&recv_bytes=10576&delivery_rate=8708019&cwnd=240000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=514&x=1", cfExtPri, cfHdrFlush;dur=15

imp9.bidgear.com/rec?f=29767&fv=4&g=NO&p=223&t=1&tbg=1738407143&token=f0d6f44757&uuid=e97608e7dbdd4e469b95649914951520&z=10281

104.26.2.107

200 OK

0 B

URL
imp9.bidgear.com/rec?f=29767&fv=4&g=NO&p=223&t=1&tbg=1738407143&token=f0d6f44757&uuid=e97608e7dbdd4e469b95649914951520&z=10281
IP
104.26.2.107:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /rec?f=29767&fv=4&g=NO&p=223&t=1&tbg=1738407143&token=f0d6f44757&uuid=e97608e7dbdd4e469b95649914951520&z=10281 HTTP/1.1
Host: imp9.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:24 GMT
content-length: 0
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=RizfV0R7sWFGGL2EBN6UKfUW8qJGdYtbuqX4UGBRV%2BGUHIqaxacmSZ6wtV9NOgSU8%2B5OfKW1if98cT%2F%2BiMU%2F7FSQQbLxx5PsILPzt2GTuPYYwe2Sj%2BglF92bxnpHSFiHKaE%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164499ae856cc-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=868&min_rtt=478&rtt_var=480&sent=12&recv=12&lost=0&retrans=0&sent_bytes=4875&recv_bytes=1282&delivery_rate=6084033&cwnd=257&unsent_bytes=0&cid=29608e75725e522c&ts=536&x=0"
X-Firefox-Spdy: h2

recipesalba.com/images/news/4d0c20abb459.png

188.114.97.1

200 OK

379 kB

URL
recipesalba.com/images/news/4d0c20abb459.png
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
379 kB (379258 bytes)
Hash
2f41c2d52d165c301f04e490e35b0489
d627fa6a54a6a9d1b992763792f2eb9e578aacd1
325b679ed476e82994b49cb4009c7d7ecf1760ef27375bd1cb4ba62ab57dcd1d

HTTP Headers

GET /images/news/4d0c20abb459.png HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: image/png
content-length: 379258
last-modified: Mon, 07 Aug 2023 11:54:45 GMT
etag: "64d0db85-5c97a"
expires: Sun, 02 Mar 2025 00:58:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 122012
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=by%2F7nkOI6%2FLjyG2ACU5Jum4%2Bdow%2BksXKqoheiBtIcdskh1CPzcquNA3XBEctiZRtpQy0MTaTGNbLMmp9BceGJBKoIiqLovFrhwfcitVx%2B1UPKTLf0hwfAk8tyXZXCnI6jv4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16448fcb05684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3747&min_rtt=1619&rtt_var=1114&sent=616&recv=25&lost=0&retrans=0&sent_bytes=719020&recv_bytes=10576&delivery_rate=8708019&cwnd=240000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=515&x=1", cfExtPri, cfHdrFlush;dur=14

recipesalba.com/images/news/4d0c20b24f65.png

188.114.97.1

200 OK

384 kB

URL GET HTTP/3
recipesalba.com/images/news/4d0c20b24f65.png
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectrecipesalba.com
Fingerprint01:B7:E3:6E:FF:04:05:A1:D1:17:BA:17:83:B7:48:47:9D:F4:53:09
ValidityThu, 26 Dec 2024 08:33:08 GMT - Wed, 26 Mar 2025 09:21:47 GMT

File type
PNG image data, 512 x 512, 8-bit/color RGB, non-interlaced
Size
384 kB (384086 bytes)
Hash
588a3147537d6a1756470b8993bb78b4
85506d8b993d332ab2c6c2aa0c62f433391665ef
9052b32043ccfdb72d5b2617be52dd55d1ba9328b5aae2b4263f3faa71bab38e

HTTP Headers

GET /images/news/4d0c20b24f65.png HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: image/png
content-length: 384086
last-modified: Mon, 07 Aug 2023 11:54:54 GMT
etag: "64d0db8e-5dc56"
expires: Sun, 02 Mar 2025 00:58:51 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 122012
accept-ranges: bytes
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=FVLZs%2Fd4ysOtRG9f0KN6pQXYx0GUOrSZcxEnB1MXMoWXAe0yRFnLCpxun2OPsVVNcfCSShLUXltKC9x70P8mVCxJXGYigcnhX51JKmtX7Z5p8b%2B6tmMpOr3NC7kHQhTucgg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b164498d8e5684-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=12856&min_rtt=1619&rtt_var=18521&sent=1763&recv=29&lost=0&retrans=1&sent_bytes=2091442&recv_bytes=11649&delivery_rate=2999339&cwnd=663300&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=616&x=1", cfExtPri, cfHdrFlush;dur=111

delivery.r2b2.io/get/recipesalba.com/generic/300x300/mobile

151.101.131.52

200 OK

7.3 kB

URL GET HTTP/2
delivery.r2b2.io/get/recipesalba.com/generic/300x300/mobile
IP
151.101.131.52:443
ASN
#54113 FASTLY

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subjectdelivery.r2b2.io
Fingerprint56:E4:20:78:ED:C6:B0:DE:87:6B:2C:49:A0:57:C6:A5:BE:D7:03:1B
ValidityFri, 06 Dec 2024 06:32:50 GMT - Thu, 06 Mar 2025 06:32:49 GMT

File type
HTML document, ASCII text, with very long lines (22630)
Size
7.3 kB (7256 bytes)
Hash
f67a5e504bf12d98548d9479331d32d8
3a3756b9979af3231baa1dace99a2f56259a390d
5ccc8823b47e8d74993e091de77c3b95594325dc8a5db8ffb80e67757a8ef3c2

HTTP Headers

GET /get/recipesalba.com/generic/300x300/mobile HTTP/1.1
Host: delivery.r2b2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
content-type: text/javascript
x-execution-time: 5
x-cache: HIT
x-served-by: cache-hel1410024-HEL
date: Sat, 01 Feb 2025 10:52:24 GMT
content-encoding: br
vary: accept-encoding
accept-ranges: none
X-Firefox-Spdy: h2

delivery.r2b2.io/js/7.33.0/online/public/bundle.cbd8417f20c172403260.js

151.101.131.52

200 OK

248 kB

URL GET HTTP/2
delivery.r2b2.io/js/7.33.0/online/public/bundle.cbd8417f20c172403260.js
IP
151.101.131.52:443
ASN
#54113 FASTLY

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subjectdelivery.r2b2.io
Fingerprint56:E4:20:78:ED:C6:B0:DE:87:6B:2C:49:A0:57:C6:A5:BE:D7:03:1B
ValidityFri, 06 Dec 2024 06:32:50 GMT - Thu, 06 Mar 2025 06:32:49 GMT

File type
JavaScript source, ASCII text, with very long lines (65455)
Size
248 kB (248261 bytes)
Hash
34205814d5d169efc59f4c1044261948
2c0820d2ad0f9d3f92d59a75296bc4de99ead8f5
c51c6a2c91a46a5bccc8d55516a97c5a6091bf2500de189f9ea53430941a1d0c

HTTP Headers

GET /js/7.33.0/online/public/bundle.cbd8417f20c172403260.js HTTP/1.1
Host: delivery.r2b2.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
etag: "67864df9-bed4e"
server: nginx
content-type: text/javascript; charset=utf-8
content-encoding: gzip
expires: Sat, 01 Feb 2025 11:22:21 GMT
cache-control: max-age=10800, public
x-lb-cache: HIT
last-modified: Tue, 14 Jan 2025 11:43:53 GMT
date: Sat, 01 Feb 2025 09:22:44 GMT
age: 5381
accept-ranges: bytes
x-cache: HIT
x-cache-hits: 9247
x-served-by: cache-hel1410025-HEL
content-length: 248261
X-Firefox-Spdy: h2

recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade

188.114.97.1

200 OK

44 kB

URL User Request GET HTTP/2
recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectrecipesalba.com
Fingerprint01:B7:E3:6E:FF:04:05:A1:D1:17:BA:17:83:B7:48:47:9D:F4:53:09
ValidityThu, 26 Dec 2024 08:33:08 GMT - Wed, 26 Mar 2025 09:21:47 GMT

File type
HTML document, Unicode text, UTF-8 text, with very long lines (2312), with CRLF, CR, LF line terminators
Size
44 kB (43642 bytes)
Hash
207ec1fcd5ff88d7717bb0e956fdb2c9
e9dd3d573cd5141a2ad223ccf702784ee5d962e7
bec71c834d768d5c3d99d06d34858a6d0ea1fb626a5962eeed9159665c569598

HTTP Headers

GET /news/842d4af18cd9ce5a67334c40f30b8465/cascade HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Upgrade-Insecure-Requests: 1
Connection: keep-alive
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/8.0.30
set-cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; path=/
XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; expires=Sat, 01-Feb-2025 12:52:23 GMT; Max-Age=7200; path=/; domain=recipesalba.com; secure; samesite=lax
recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D; expires=Sat, 01-Feb-2025 12:52:23 GMT; Max-Age=7200; path=/; domain=recipesalba.com; secure; httponly; samesite=lax
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate, no-cache, private
pragma: no-cache
referrer-policy: no-referrer-when-downgrade
content-security-policy: frame-ancestors 'self';
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=38vtnYUOH2BzQS0bBG7pOVVIkwnXDpn4JPHagjguNKhx%2FDW5sP5l7Eq6kC5f7xYubZeuihH5OY9gogc1D3WS%2BIEOP1WkdrAzFsSobPSGlMhvG6N%2FWoKeAWdWoMq4IeRKP5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16442fcfd56b7-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=5789&min_rtt=438&rtt_var=10696&sent=7&recv=11&lost=0&retrans=0&sent_bytes=3210&recv_bytes=1157&delivery_rate=7313131&cwnd=254&unsent_bytes=0&cid=16171b8d16d93c1f&ts=457&x=0"
X-Firefox-Spdy: h2

recipesalba.com/js/news/bootstrap.bundle.min.js

188.114.97.1

200 OK

24 kB

URL GET HTTP/3
recipesalba.com/js/news/bootstrap.bundle.min.js
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectrecipesalba.com
Fingerprint01:B7:E3:6E:FF:04:05:A1:D1:17:BA:17:83:B7:48:47:9D:F4:53:09
ValidityThu, 26 Dec 2024 08:33:08 GMT - Wed, 26 Mar 2025 09:21:47 GMT

File type
JavaScript source, ASCII text, with very long lines (65299)
Size
24 kB (24261 bytes)
Hash
7ccd9d390d31af98110f74f842ea9b32
a85e681624c91a106a514c31eacf80de817b2cc3
f5210fa3e7f0245a4c51eb7f280092c0ef99fdd28c45e17dab8cc5854fdf4fd3

HTTP Headers

GET /js/news/bootstrap.bundle.min.js HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: application/javascript
last-modified: Fri, 27 Dec 2024 10:26:24 GMT
vary: Accept-Encoding
etag: W/"676e80d0-13131"
expires: Fri, 07 Feb 2025 20:47:12 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2037911
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=QCmJXNOxBPaBPzVcYDO3oD1qRnWghwBO8oamLkWaUT%2FD48QvQOnNmsHJOSlIAtddCrw7JsWRqneqaRBI4DDwcY8C9SRSojJJk3FuDedKsle36KV4DNL2aj75XFbkbOD0d8Y%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164478b325684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4169&min_rtt=4080&rtt_var=1593&sent=17&recv=13&lost=0&retrans=0&sent_bytes=4257&recv_bytes=4678&delivery_rate=144359&cwnd=12000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=283&x=1", cfExtPri, cfHdrFlush;dur=0

nakamasweb.com/css/advertising.css

104.21.21.156

200 OK

687 B

URL
nakamasweb.com/css/advertising.css
IP
104.21.21.156:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
687 B (687 bytes)
Hash
2c521908814aedc29286f8471f752f34
a24b676e73a06c2d2d59fe48b3544417814cc546
990863989eb4e4810db9c1787dd78a73c917b5e950c4cdcffb6bd7e7e62a3b77

HTTP Headers

GET /css/advertising.css HTTP/1.1
Host: nakamasweb.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: text/css
last-modified: Mon, 25 Sep 2023 09:42:03 GMT
vary: Accept-Encoding
etag: W/"651155eb-1dc"
cache-control: max-age=2678400
cf-cache-status: HIT
age: 3734
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=M1ogCT3HC1FwJ3Ss5B2eOsejcZbbVWz0788XtT%2Bxx1fG8UDYppVVsWWwgBl2ElFhJkBHUgA%2F49I7Dax20UdM6%2Fcgyy%2BLVTZ7u7a69pdXDaVrWt%2FoNegBmEq0jniG2yWMVw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16447cc4a0b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=731&min_rtt=552&rtt_var=362&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3281&recv_bytes=1208&delivery_rate=4998849&cwnd=253&unsent_bytes=0&cid=9c2326b25b5b42aa&ts=51&x=0"
X-Firefox-Spdy: h2

recipesalba.com/css/news/styles.css

188.114.97.1

200 OK

34 kB

URL
recipesalba.com/css/news/styles.css
IP
188.114.97.1:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (560)
Size
34 kB (34294 bytes)
Hash
c584dea43fdf95eb875ac2c874115ef7
f3690ecae3e5b5554d9ad5246c751b2ddb3b0102
e43c0d067f1134b3ceadaefbbff08177190bdec558c4a4a5596288ffe325fc3e

HTTP Headers

GET /css/news/styles.css HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: text/css
last-modified: Fri, 27 Dec 2024 10:26:24 GMT
vary: Accept-Encoding
etag: W/"676e80d0-326b4"
expires: Fri, 07 Feb 2025 14:10:35 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 2061707
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=H2f7tBpSC4acamDus3mG%2Br7%2Bcw0ZYuU2xNZu7TWAL4y5NbvHXDZmVmSKxPRZQWY4Fq%2BO7zwNJbCyh0T9MXtyYDTMv4LEdbDqq19LFyQPG5XU%2Bh9MqdV8besDohi%2B%2FQjtXeQ%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164477b2e5684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4169&min_rtt=4080&rtt_var=1593&sent=27&recv=13&lost=0&retrans=0&sent_bytes=16257&recv_bytes=4678&delivery_rate=144359&cwnd=12000&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=284&x=1", cfExtPri, cfHdrFlush;dur=5

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250201

151.101.129.229

200 OK

831 B

URL
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json?date=20250201
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
JSON text data
Size
831 B (831 bytes)
Hash
62c50fede3d40963e6bcf7bad05a3961
7d4189ac5632bc0d724f62c0e7348dcf2021154e
3722687fbc8935dc744aecf811883dbc2c0f654cb2a94e1b2cc76e0616cff072

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json?date=20250201 HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2318
x-jsd-version-type: version
etag: W/"636-fUGJrFYyvA1yT2LA5zSNzyAhFU4"
content-encoding: br
accept-ranges: bytes
date: Sat, 01 Feb 2025 10:52:25 GMT
age: 24690
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 831
X-Firefox-Spdy: h2

script.4dex.io/localstore.js

104.26.9.169

200 OK

580 B

URL GET HTTP/1.1
script.4dex.io/localstore.js
IP
104.26.9.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectscript.4dex.io
FingerprintFC:CD:C5:57:2D:97:0B:DE:12:64:89:6A:50:66:8B:2D:AD:AF:F1:EB
ValiditySat, 18 Jan 2025 00:29:53 GMT - Fri, 18 Apr 2025 01:29:47 GMT

File type
JavaScript source, ASCII text, with very long lines (1371)
Size
580 B (580 bytes)
Hash
00a8e13a83b2bbab51af8e55f52be363
57340eb5c07e50d96f4a04bd4c220f0f24cec649
3aec57ffa5c31e185202ddaa3b5b9d9872d4504f4546ab4eea1298baaf3c7cc7

HTTP Headers

GET /localstore.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 01 Feb 2025 10:52:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: public, max-age=1800
ETag: W/"00a8e13a83b2bbab51af8e55f52be363"
Last-Modified: Tue, 07 Jan 2025 10:15:56 GMT
Vary: Accept-Encoding
CF-Cache-Status: HIT
Age: 1222790
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ctc6h%2BJIN5eRrWiIIzUm5zi%2FoGcP4FaneSYoFBTqdGg6xxx3A9McV9xXyhgiR3lzbAsQN0mlF5aFJj%2Fdjj6bTiCvUYI%2B8uues8Gv4ysDePyPwoQ8ekZcFMOjGncCYGIz"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 90b16450dda30b02-OSL
Content-Encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=489&min_rtt=405&rtt_var=216&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3177&recv_bytes=1146&delivery_rate=6350877&cwnd=252&unsent_bytes=0&cid=980e94c5eeb541cb&ts=77&x=0"

netpubmedia.rtb.adtarget.biz/pb

172.67.69.246

204 No Content

0 B

URL OPTIONS HTTP/2
netpubmedia.rtb.adtarget.biz/pb
IP
172.67.69.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.rtb.adtarget.biz
Fingerprint07:C3:22:F7:03:7B:7E:D8:F8:09:1C:47:87:08:4A:FE:AF:08:2B:55
ValiditySun, 19 Jan 2025 18:20:17 GMT - Sat, 19 Apr 2025 18:20:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pb HTTP/1.1
Host: netpubmedia.rtb.adtarget.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://recipesalba.com/
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
access-control-allow-origin: https://recipesalba.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
working-on: adtarget-k8s
working-app: layer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=daI%2BbXPUFy5bNdi%2Fa5PKxlBd0XpCPZ4VYywe1PKxYTN7L%2BA1yN%2F%2F3%2FzUurlhirn1E1UIpuqBJlclSl%2Fub7Mm1cCR%2B%2FdpyYZJ%2BctgWAZU7hiqyjhqgm%2B7r6Xa4nMC3M9f92xXGP6ZOBa1848bcz0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164510d3d56b4-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=2459&min_rtt=382&rtt_var=4113&sent=6&recv=10&lost=0&retrans=0&sent_bytes=2773&recv_bytes=1159&delivery_rate=5199281&cwnd=253&unsent_bytes=0&cid=a1c2e4b312274e39&ts=103&x=0"
X-Firefox-Spdy: h2

prebid.smilewanted.com/

104.22.31.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.31.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 337
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://recipesalba.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b164519b94b51d-OSL
X-Firefox-Spdy: h2

prebid.smilewanted.com/

104.22.31.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.31.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 375
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://recipesalba.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b16451bbafb51d-OSL
X-Firefox-Spdy: h2

netpubmedia.rtb.adtarget.biz/pb

172.67.69.246

204 No Content

0 B

URL OPTIONS HTTP/2
netpubmedia.rtb.adtarget.biz/pb
IP
172.67.69.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.rtb.adtarget.biz
Fingerprint07:C3:22:F7:03:7B:7E:D8:F8:09:1C:47:87:08:4A:FE:AF:08:2B:55
ValiditySun, 19 Jan 2025 18:20:17 GMT - Sat, 19 Apr 2025 18:20:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pb HTTP/1.1
Host: netpubmedia.rtb.adtarget.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 981
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
access-control-allow-origin: https://recipesalba.com
vary: Origin
access-control-allow-credentials: true
x-powered-by: Adtarget
strict-transport-security: max-age=31536000; includeSubDomains
working-on: adtarget-k8s
working-app: layer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ArNXl4I3W7R%2FbXpPiJO8ibIEK8BT4GgxJ3Z0p9ZXWBxPtW4Qai8MI6OzF42oKd%2BC98JRRkbA%2Fia372j4zp%2B%2FSB5T91jj%2BosbvN9LdJV6NU2jYFihNJM1T06mI7otGe4XuyRY5DKg3z%2FSioaVqy8%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16451bf4bb524-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=1618&min_rtt=457&rtt_var=2232&sent=8&recv=11&lost=0&retrans=0&sent_bytes=2848&recv_bytes=2262&delivery_rate=5474480&cwnd=253&unsent_bytes=0&cid=1ddc3cf500ffc19d&ts=347&x=0"
X-Firefox-Spdy: h2

prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA8:82:42:F7:B7:69:5C:8C:D2:11:72:33:75:C9:2D:8D:79:25:8C:B4
ValidityTue, 31 Dec 2024 09:46:04 GMT - Mon, 31 Mar 2025 09:46:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1402
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 01 Feb 2025 10:52:24 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

mp.4dex.io/prebid

104.18.34.178

200 OK

393 B

URL POST HTTP/2
mp.4dex.io/prebid
IP
104.18.34.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectmp.4dex.io
Fingerprint3B:94:35:EA:97:FB:E2:C0:68:A1:C3:AA:6A:C9:30:75:BA:78:1C:5C
ValidityWed, 25 Dec 2024 02:12:12 GMT - Tue, 25 Mar 2025 03:12:08 GMT

File type
gzip compressed data, from Unix
Size
393 B (393 bytes)
Hash
7d22bc39fa92574818caf86cf1ebcd74
e73e38f2a25f922c2b939180c5b44d3a3c30aec8
73afd5a7f2c4c869927fbce21b921046571c82c4ffe3b6d4061e0eacfc084817

HTTP Headers

POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1548
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Splits. no seat with adunits, mapping rule and shaping
x-version: 3.0.0-gcp-ams
x-warn: Parsing the Prebid Request. int_scc_sid, Process Splits. all case seats filetered for: ban_div_netpub_campaign_b7vfjzsdmaxs328e6b
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b16451c98e56c4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

netpubmedia.rtb.adtarget.biz/pb

172.67.69.246

204 No Content

0 B

URL OPTIONS HTTP/2
netpubmedia.rtb.adtarget.biz/pb
IP
172.67.69.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.rtb.adtarget.biz
Fingerprint07:C3:22:F7:03:7B:7E:D8:F8:09:1C:47:87:08:4A:FE:AF:08:2B:55
ValiditySun, 19 Jan 2025 18:20:17 GMT - Sat, 19 Apr 2025 18:20:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pb HTTP/1.1
Host: netpubmedia.rtb.adtarget.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://recipesalba.com/
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
access-control-allow-origin: https://recipesalba.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
working-on: adtarget-k8s
working-app: layer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FaUli8dEl9%2BjgsblgL5TULCjnjpjMKenEPlyGorZO8KveqLeZOYC7L3uuV3nhsfYyZ3%2F5oH99E8vnpsxJ8sjAsOsZoKxM%2BXIyplQkQm4g2MyC84K1CeQWTL6SI3akPnuewEX1Mmw6I8uVpLFLZc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16452ef1056b4-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=7268&min_rtt=382&rtt_var=12702&sent=7&recv=12&lost=0&retrans=0&sent_bytes=3559&recv_bytes=1231&delivery_rate=5199281&cwnd=254&unsent_bytes=0&cid=a1c2e4b312274e39&ts=405&x=0"
X-Firefox-Spdy: h2

prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA8:82:42:F7:B7:69:5C:8C:D2:11:72:33:75:C9:2D:8D:79:25:8C:B4
ValidityTue, 31 Dec 2024 09:46:04 GMT - Mon, 31 Mar 2025 09:46:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1422
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 01 Feb 2025 10:52:24 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

ghb.console.adtarget.com.tr/v2/auction/

185.83.69.58

200 OK

360 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
185.83.69.58:443
ASN
#55081 24SHELLS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint22:D9:D6:E9:49:E3:E2:65:72:C3:89:D5:6C:35:16:C1:2C:64:21:0F
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT

File type
JSON text data
Size
360 B (360 bytes)
Hash
41fdbcf8450bed0234e336f6332bac79
2f4b88515e2f1a79aa9f002f2e7e884b154dcece
330744cd7a195dac1118ffdf47d020cce94ff673e2321ea1767b826d31043654

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 305
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Sat, 01 Feb 2025 10:52:24 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 360
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

prebid.smilewanted.com/

104.22.31.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.31.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 353
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://recipesalba.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b16452fcb4b51d-OSL
X-Firefox-Spdy: h2

ghb.console.adtarget.com.tr/v2/auction/

167.235.94.177

200 OK

361 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
167.235.94.177:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint22:D9:D6:E9:49:E3:E2:65:72:C3:89:D5:6C:35:16:C1:2C:64:21:0F
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT

File type
JSON text data
Size
361 B (361 bytes)
Hash
16b42d19e81c5883cb22d7eddaad3708
ecf86fbd2efff7e54914cd1ea76bc28ded7ef769
a7e13745ccfae704b71c09ed22a33c4832974b8d3b26bfeeb947c715bb0d571b

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 323
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Sat, 01 Feb 2025 10:52:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 361
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

ghb.console.adtarget.com.tr/v2/auction/

185.83.69.58

200 OK

362 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
185.83.69.58:443
ASN
#55081 24SHELLS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint22:D9:D6:E9:49:E3:E2:65:72:C3:89:D5:6C:35:16:C1:2C:64:21:0F
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT

File type
JSON text data
Size
362 B (362 bytes)
Hash
baa4c69ffd4f9c6d408889f9bbc0bd28
bd635865286c628c5b47f34aac3b78d92f038c6e
4b4e8286ebea182f6182c644f9df840bf28348aee9de6ba504bac256aca24cf6

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 315
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Sat, 01 Feb 2025 10:52:24 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 362
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA8:82:42:F7:B7:69:5C:8C:D2:11:72:33:75:C9:2D:8D:79:25:8C:B4
ValidityTue, 31 Dec 2024 09:46:04 GMT - Mon, 31 Mar 2025 09:46:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1506
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 01 Feb 2025 10:52:25 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

recipesalba.com/favicon.ico

188.114.97.1

200 OK

9.4 kB

URL GET HTTP/3
recipesalba.com/favicon.ico
IP
188.114.97.1:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectrecipesalba.com
Fingerprint01:B7:E3:6E:FF:04:05:A1:D1:17:BA:17:83:B7:48:47:9D:F4:53:09
ValidityThu, 26 Dec 2024 08:33:08 GMT - Wed, 26 Mar 2025 09:21:47 GMT

File type
MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel
Size
9.4 kB (9407 bytes)
Hash
6066076243524582998864d98adef8f2
8680c933ca6f05618ba2b7beaa4f656a30b427af
4aed1b5bccdcd6a54b12169c1270c106ab973335d0d3cfbc5ead4a94bd066037

HTTP Headers

GET /favicon.ico HTTP/1.1
Host: recipesalba.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
DNT: 1
Connection: keep-alive
Cookie: PHPSESSID=ls30rigba45q0r31t0eeptf2ig; XSRF-TOKEN=eyJpdiI6IjBwenJMaXdEQ0o2akR1NFMrUUowemc9PSIsInZhbHVlIjoiUUlWTkFBRnBBZ3J2UlBucTQwbXkvbjl0TW55WmdXelFYNHFramtQUlhTQ3E1Zk9lU1pRMkJIVkZJR002T3NFck53VVB3bjF6SHZveWtqNVh1aVZLTEJ0WDlwNWZuM2s0cUJBbWFZc29LenNIMzFFZFZpK2M0NUNTME4yWGZWZmsiLCJtYWMiOiI3NjA2OWVkM2FiYjVlMGViZmQyNTk3NjZiMDc3YmUwZmJlODE0OTU1MzNmMTAzODNjYTg5Mzk5NTkzZTk1YTcyIiwidGFnIjoiIn0%3D; recipesalba_session=eyJpdiI6ImZjS3BFem1FSmdsd2VSb3JQV0NKRnc9PSIsInZhbHVlIjoiOWk1YkZCS1BWWUlrNXM3RTVKcEprd2trNGtxUmMwTTV6a2ROMFFzR1Q2S1ZGMGl1MjM5azZYeHF0bUZxODJhWWZDS1l6SjhoREVLSzI4U3EzQUtpMGJFbllTKzdxWUFoc0JlVDYyeDJ0Zy9ZdE1ieGpPRFEvcXFyN1EyeWQ5SGIiLCJtYWMiOiI0MTMzMDU2Y2U4Y2M5ZmM2NTA0YzlmY2I3NDc3OTA0OGFiYzRjYmE4ZDlhZmU4MzRiMDU0MjdjODlkODA5MTAyIiwidGFnIjoiIn0%3D; _ga_SFD9KDMYHP=GS1.1.1738407144.1.0.1738407144.0.0.0; _ga=GA1.1.760128962.1738407144
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:24 GMT
content-type: image/x-icon
last-modified: Fri, 27 Dec 2024 10:26:24 GMT
etag: W/"676e80d0-3c2e"
expires: Mon, 03 Mar 2025 03:56:47 GMT
cache-control: public, max-age=2592000
cf-cache-status: HIT
age: 24936
priority: u=6,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=N5t9PfhcUQg2oba23Rd%2BkOhmR%2BqluPZFbCN9d2kDfRH4ktipvZ%2BQjQfF8zicj%2BxmtyL1LmNOCcJHYJkmZGjG4K41H%2BjmQWJC6ugFwzsvD0WTzOzT7CbgiHjIvvg4SerMwvY%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b1644efa955684-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=29535&min_rtt=1619&rtt_var=26482&sent=2939&recv=36&lost=567&retrans=569&sent_bytes=3496094&recv_bytes=12935&delivery_rate=1782108&cwnd=330056&unsent_bytes=0&cid=9e0ba7b32e250f35&ts=1476&x=1", cfExtPri, cfHdrFlush;dur=0

prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA8:82:42:F7:B7:69:5C:8C:D2:11:72:33:75:C9:2D:8D:79:25:8C:B4
ValidityTue, 31 Dec 2024 09:46:04 GMT - Mon, 31 Mar 2025 09:46:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1446
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 01 Feb 2025 10:52:25 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 2192
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://recipesalba.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

ghb.console.adtarget.com.tr/v2/auction/

167.235.94.177

200 OK

363 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
167.235.94.177:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint22:D9:D6:E9:49:E3:E2:65:72:C3:89:D5:6C:35:16:C1:2C:64:21:0F
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT

File type
JSON text data
Size
363 B (363 bytes)
Hash
77ec894e7bd31ea814f7167a28510306
73fb84b7a8f1a21e9cd1e8f0e15abe054bc263f3
01ee5d882ddd34a76584223e6dd74f7d42c8640ac84e048a0775ea88c8047816

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 349
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Sat, 01 Feb 2025 10:52:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 363
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

prebid.smilewanted.com/

104.22.31.209

204 No Content

0 B

URL POST HTTP/2
prebid.smilewanted.com/
IP
104.22.31.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST / HTTP/1.1
Host: prebid.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 430
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
cache-control: private, must-revalidate
pragma: no-cache
expires: -1
access-control-allow-origin: https://recipesalba.com
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b164535d1db51d-OSL
X-Firefox-Spdy: h2

onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1774
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://recipesalba.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1884
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: https://recipesalba.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

netpubmedia.rtb.adtarget.biz/pb

172.67.69.246

204 No Content

0 B

URL OPTIONS HTTP/2
netpubmedia.rtb.adtarget.biz/pb
IP
172.67.69.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.rtb.adtarget.biz
Fingerprint07:C3:22:F7:03:7B:7E:D8:F8:09:1C:47:87:08:4A:FE:AF:08:2B:55
ValiditySun, 19 Jan 2025 18:20:17 GMT - Sat, 19 Apr 2025 18:20:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pb HTTP/1.1
Host: netpubmedia.rtb.adtarget.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://recipesalba.com/
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
access-control-allow-origin: https://recipesalba.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
working-on: adtarget-k8s
working-app: layer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=U%2BG1qsFhnzEvTGYW3rWQFIN2cRBkN4EuuTnzEvTfkKkbP%2F4EzmEwfOpo1FC69lpcZh53zRgnPJKUrIfb6A6%2BVKu9yUCall73DajnPA8I%2FXq4ymKzKnanKCCpz7%2FDWkwvZmsurms8BDOZLEpXLWk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16454384c56b4-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6424&min_rtt=382&rtt_var=11215&sent=8&recv=14&lost=0&retrans=0&sent_bytes=3997&recv_bytes=1303&delivery_rate=5199281&cwnd=255&unsent_bytes=0&cid=a1c2e4b312274e39&ts=610&x=0"
X-Firefox-Spdy: h2

netpubmedia.rtb.adtarget.biz/pb

172.67.69.246

204 No Content

0 B

URL OPTIONS HTTP/2
netpubmedia.rtb.adtarget.biz/pb
IP
172.67.69.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.rtb.adtarget.biz
Fingerprint07:C3:22:F7:03:7B:7E:D8:F8:09:1C:47:87:08:4A:FE:AF:08:2B:55
ValiditySun, 19 Jan 2025 18:20:17 GMT - Sat, 19 Apr 2025 18:20:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pb HTTP/1.1
Host: netpubmedia.rtb.adtarget.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1106
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
access-control-allow-origin: https://recipesalba.com
vary: Origin
access-control-allow-credentials: true
x-powered-by: Adtarget
strict-transport-security: max-age=31536000; includeSubDomains
working-on: adtarget-k8s
working-app: layer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=W9FHsRpqVoyl%2FxgoFhmPUQCatW3CaIq3A0e%2FtarmTO7mO0rlYV7D8O9Y7lks57niuY8CV%2Fc73RLJJWaOp9husOvVI5VvRTLhNfOBvpp3eAVa4jR0azTSKGgO5YulnnLOdCHJxSJUyu6XG%2Fmmppc%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16453e978b524-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6826&min_rtt=457&rtt_var=12089&sent=11&recv=14&lost=0&retrans=0&sent_bytes=3545&recv_bytes=3476&delivery_rate=5474480&cwnd=254&unsent_bytes=0&cid=1ddc3cf500ffc19d&ts=647&x=0"
X-Firefox-Spdy: h2

netpubmedia.rtb.adtarget.biz/pb

172.67.69.246

204 No Content

0 B

URL OPTIONS HTTP/2
netpubmedia.rtb.adtarget.biz/pb
IP
172.67.69.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.rtb.adtarget.biz
Fingerprint07:C3:22:F7:03:7B:7E:D8:F8:09:1C:47:87:08:4A:FE:AF:08:2B:55
ValiditySun, 19 Jan 2025 18:20:17 GMT - Sat, 19 Apr 2025 18:20:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /pb HTTP/1.1
Host: netpubmedia.rtb.adtarget.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://recipesalba.com/
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
access-control-allow-origin: https://recipesalba.com
vary: Origin
access-control-allow-credentials: true
access-control-allow-methods: POST, OPTIONS
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
strict-transport-security: max-age=31536000; includeSubDomains
working-on: adtarget-k8s
working-app: layer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2FfsW9mtP9O%2FoUqGL4TpJn3pStGEZBJMLetieRsi1oWqH4glYkgrWkhh4KBxmMgmkLFa8RWDFFwGd3ruCamA3x4YWgKcSz1fp%2FPXlGkLZB2ePsF2v1tzou1jquVXEqw36hDiINGZtPxH7cRMKu8c%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16455598256b4-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5680&min_rtt=382&rtt_var=9900&sent=9&recv=16&lost=0&retrans=0&sent_bytes=4439&recv_bytes=1375&delivery_rate=5199281&cwnd=256&unsent_bytes=0&cid=a1c2e4b312274e39&ts=799&x=0"
X-Firefox-Spdy: h2

ghb.adtelligent.com/v2/auction/

107.151.11.18

200 OK

1.1 kB

URL
ghb.adtelligent.com/v2/auction/
IP
107.151.11.18:0
ASN
#55081 24SHELLS

File type
JSON text data
Size
1.1 kB (1103 bytes)
Hash
c9ba1ad5b5a108a623b9486c51306197
78c0d1cd6bd71d19e62b61bdd19d74a1ff629efe
2047d9d056b17d89f8ef2f1c5257932dc677aea29c9ad791936ec9de13803bff

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 362
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtelligent
Date: Sat, 01 Feb 2025 10:52:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1103
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

cadmus.script.ac/dahhc4ozyvjm6/script.js

104.18.41.30

200 OK

3 B

URL
cadmus.script.ac/dahhc4ozyvjm6/script.js
IP
104.18.41.30:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text
Size
3 B (3 bytes)
Hash
b519d08ef66fd54910edbedba6181ec2
8d06436c33a3086259f2f1ccaf03425707eeff17
101ead936a2281d53dcc064b7e2a2ab0d53b92ef3ef7b34b668673007895c860

HTTP Headers

GET /dahhc4ozyvjm6/script.js HTTP/1.1
Host: cadmus.script.ac
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:25 GMT
content-type: application/javascript
content-length: 3
age: 0
cache-control: public,max-age=259200,stale-while-revalidate=86400,stale-if-error=259200
etag: W/"601055f6a0c6408859f97b5f0a84bdb88441a80e"
last-modified: Mon, 01 Jan 2018 00:00:00 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b16455f830b50b-OSL
X-Firefox-Spdy: h2

script.4dex.io/a/latest/adagio.js

104.26.9.169

200 OK

19 kB

URL GET HTTP/1.1
script.4dex.io/a/latest/adagio.js
IP
104.26.9.169:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectscript.4dex.io
FingerprintFC:CD:C5:57:2D:97:0B:DE:12:64:89:6A:50:66:8B:2D:AD:AF:F1:EB
ValiditySat, 18 Jan 2025 00:29:53 GMT - Fri, 18 Apr 2025 01:29:47 GMT

File type
JavaScript source, ASCII text, with very long lines (63062)
Size
19 kB (19134 bytes)
Hash
15bd4869216609f1ef060f2f770aef45
5dff01fe9c0c04a51feb998f791b427f937859b9
07b3fea34aaae441d8c91e458251c60099d6a3bb37441b4ea7b98d5ec07efd88

HTTP Headers

GET /a/latest/adagio.js HTTP/1.1
Host: script.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Sat, 01 Feb 2025 10:52:25 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1800
ETag: W/"15bd4869216609f1ef060f2f770aef45"
Last-Modified: Tue, 07 Jan 2025 10:15:50 GMT
Vary: Origin, Accept-Encoding
Access-Control-Expose-Headers: 
CF-Cache-Status: HIT
Age: 47883
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0%2B5KVA46d5ZJ3yrKfy0TdFGip5ckhSa%2Bj%2F56e9EQRx83tmx%2FQ6AABlTbkOGCkhWXjTLYrq8FOKAqwA1qllEU6vWWrBRT0Pip3lCZZp5AVmPunJYxPLDYie8gO0LGLIQV"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 90b16455fe7656c1-OSL
Content-Encoding: br
server-timing: cfL4;desc="?proto=TCP&rtt=1000&min_rtt=980&rtt_var=239&sent=5&recv=8&lost=0&retrans=0&sent_bytes=3102&recv_bytes=1053&delivery_rate=4105860&cwnd=252&unsent_bytes=0&cid=73b87c38611e408f&ts=61&x=0"

netpubmedia.rtb.adtarget.biz/pb

172.67.69.246

204 No Content

0 B

URL OPTIONS HTTP/2
netpubmedia.rtb.adtarget.biz/pb
IP
172.67.69.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.rtb.adtarget.biz
Fingerprint07:C3:22:F7:03:7B:7E:D8:F8:09:1C:47:87:08:4A:FE:AF:08:2B:55
ValiditySun, 19 Jan 2025 18:20:17 GMT - Sat, 19 Apr 2025 18:20:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pb HTTP/1.1
Host: netpubmedia.rtb.adtarget.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1042
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:25 GMT
access-control-allow-origin: https://recipesalba.com
vary: Origin
access-control-allow-credentials: true
x-powered-by: Adtarget
strict-transport-security: max-age=31536000; includeSubDomains
working-on: adtarget-k8s
working-app: layer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=EJrk0MnPL2Xbc3i4Vtp4iIJdpjR2KMnDJvodJgUMbl3Sq5f5urwjH5siehn%2FGm6%2BMES4RnSrUei1HhyLJGL9KJjqgZDY%2FBp%2BqC6hwvDzwLnGtisYEFvNrW8UrkOyEmbEQFd0Hc2F9kWRXLOXSF0%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16455fc5ab524-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=6032&min_rtt=457&rtt_var=10654&sent=16&recv=19&lost=0&retrans=0&sent_bytes=3983&recv_bytes=6020&delivery_rate=5474480&cwnd=255&unsent_bytes=0&cid=1ddc3cf500ffc19d&ts=935&x=0"
X-Firefox-Spdy: h2

prebid.a-mo.net/a/c

163.5.194.35

204 No Content

0 B

URL POST HTTP/2
prebid.a-mo.net/a/c
IP
163.5.194.35:443
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA8:82:42:F7:B7:69:5C:8C:D2:11:72:33:75:C9:2D:8D:79:25:8C:B4
ValidityTue, 31 Dec 2024 09:46:04 GMT - Mon, 31 Mar 2025 09:46:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /a/c HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 903
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
cache-control: max-age=0, private, must-revalidate
date: Sat, 01 Feb 2025 10:52:25 GMT
server: envoy
vary: origin, accept-encoding, Accept-Encoding
x-nbr: 1
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 942
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://recipesalba.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

ghb1.adtelligent.com/v2/auction/

107.151.11.18

200 OK

1.1 kB

URL POST HTTP/1.1
ghb1.adtelligent.com/v2/auction/
IP
107.151.11.18:443
ASN
#55081 24SHELLS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerZeroSSL
Subjectghb1.adtelligent.com
Fingerprint0D:D0:49:54:EC:15:39:A2:9D:39:48:10:A3:D3:92:55:81:38:C2:43
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT

File type
JSON text data
Size
1.1 kB (1112 bytes)
Hash
121228aef797cf9b85b622e015dc4d3d
19fa4476333f802e3e2282ee5419e8d1a2096a59
f143e1295ef526c07c3154afa9c4252f534a996c7b0aceab1350020b320925cd

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb1.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 380
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtelligent
Date: Sat, 01 Feb 2025 10:52:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1112
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

netpubmedia.rtb.adtarget.biz/pb

172.67.69.246

204 No Content

0 B

URL OPTIONS HTTP/2
netpubmedia.rtb.adtarget.biz/pb
IP
172.67.69.246:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subject*.rtb.adtarget.biz
Fingerprint07:C3:22:F7:03:7B:7E:D8:F8:09:1C:47:87:08:4A:FE:AF:08:2B:55
ValiditySun, 19 Jan 2025 18:20:17 GMT - Sat, 19 Apr 2025 18:20:16 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /pb HTTP/1.1
Host: netpubmedia.rtb.adtarget.biz
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: application/json
Content-Length: 1286
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:26 GMT
access-control-allow-origin: https://recipesalba.com
vary: Origin
access-control-allow-credentials: true
x-powered-by: Adtarget
strict-transport-security: max-age=31536000; includeSubDomains
working-on: adtarget-k8s
working-app: layer
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=9yEgIvWaWldJwSgLmPcVUMOYUxVvjnkpdkq%2BC16rRtPdK7Q%2FKDnm6MpzbP2f0pb6UYKHaj2RZ4iEg%2BNVt18a9soI7853S4pRoLnTyKbEsZQ1BIEsgZ4GO6UdfO65aOFrq4TKhqfPStMx1FzUk2Q%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164561c89b524-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=5335&min_rtt=457&rtt_var=9384&sent=17&recv=20&lost=0&retrans=0&sent_bytes=4422&recv_bytes=6020&delivery_rate=5474480&cwnd=256&unsent_bytes=0&cid=1ddc3cf500ffc19d&ts=1064&x=0"
X-Firefox-Spdy: h2

ghb2.adtelligent.com/v2/auction/

107.151.11.18

200 OK

1.1 kB

URL
ghb2.adtelligent.com/v2/auction/
IP
107.151.11.18:0
ASN
#55081 24SHELLS

File type
JSON text data
Size
1.1 kB (1102 bytes)
Hash
875157627c5f29edcefbb607a75ac474
580062df7e7ae66b7d1852586104859a6c4b85b0
76102af15798e7c1e60b81acb84029f4f957da50fbef424655d5b085eefe34cf

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb2.adtelligent.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 367
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtelligent
Date: Sat, 01 Feb 2025 10:52:25 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 1102
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

pl.21wiz.com/frndnp.php?ver=1&autoplay=1&v=480a3786f25b10cc21aadc157c93c886&cb=e09ad56a-9cee-4527-9627-a4a63e03c4d5&fclose=false&jh=cpzse3jqgeazq4m4f3ts65e&sth=qp4gn7djcczdrcmzpf7nha5xpw&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&cdiv=71&frnd=true&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&country=NO&spy=yes&tls=no&instant=yes

172.67.214.3

200 OK

13 kB

URL
pl.21wiz.com/frndnp.php?ver=1&autoplay=1&v=480a3786f25b10cc21aadc157c93c886&cb=e09ad56a-9cee-4527-9627-a4a63e03c4d5&fclose=false&jh=cpzse3jqgeazq4m4f3ts65e&sth=qp4gn7djcczdrcmzpf7nha5xpw&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&cdiv=71&frnd=true&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&country=NO&spy=yes&tls=no&instant=yes
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (28673)
Size
13 kB (12769 bytes)
Hash
dbb1a613a21bdea30e1e223b23e7808c
43e7a1d354d30550717f6a5ec742ef2cf7218d09
4002fcdddfe03cd1959215f2a981566df4330635881e31ff371ca734f4baf59d

HTTP Headers

GET /frndnp.php?ver=1&autoplay=1&v=480a3786f25b10cc21aadc157c93c886&cb=e09ad56a-9cee-4527-9627-a4a63e03c4d5&fclose=false&jh=cpzse3jqgeazq4m4f3ts65e&sth=qp4gn7djcczdrcmzpf7nha5xpw&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&cdiv=71&frnd=true&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&country=NO&spy=yes&tls=no&instant=yes HTTP/1.1
Host: pl.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:26 GMT
content-type: text/html; charset=UTF-8
server: cloudflare
vary: Accept-Encoding
x-cache: Yac
x-movieads-country: NO
cf-cache-status: DYNAMIC
priority: u=3,i=?0
content-encoding: br
cf-ray: 90b16458daa20b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfExtPri

code.21wiz.com/go/pixel?v=480a3786f25b10cc21aadc157c93c886&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fmt_id=1&rnd=1738407146.3925

172.67.214.3

200 OK

0 B

URL
code.21wiz.com/go/pixel?v=480a3786f25b10cc21aadc157c93c886&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fmt_id=1&rnd=1738407146.3925
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go/pixel?v=480a3786f25b10cc21aadc157c93c886&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fmt_id=1&rnd=1738407146.3925 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:26 GMT
content-type: image/jpeg
content-length: 0
x-wizads-udata: cache,parsed,73009
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
set-cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; max-age=157680000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ww0Fw2ljF7zQUPAQanrp3h7i9q9L4JZBrp6QoDO12OkhBaOw6xiOIEqokMTgWb%2B1h%2BHRc64nj6UcIZCsMHL2xl0c8WTTXsc3wT8Od1xBysijEeYozTyRs3MrOyMSWvSwsg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164596b120b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5118&min_rtt=2053&rtt_var=4572&sent=125&recv=27&lost=0&retrans=0&sent_bytes=122657&recv_bytes=4984&delivery_rate=250649&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=2794&x=1", cfExtPri, cfHdrFlush;dur=0

mp.4dex.io/prebid

104.18.34.178

200 OK

633 B

URL POST HTTP/2
mp.4dex.io/prebid
IP
104.18.34.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectmp.4dex.io
Fingerprint3B:94:35:EA:97:FB:E2:C0:68:A1:C3:AA:6A:C9:30:75:BA:78:1C:5C
ValidityWed, 25 Dec 2024 02:12:12 GMT - Tue, 25 Mar 2025 03:12:08 GMT

File type
gzip compressed data, from Unix
Size
633 B (633 bytes)
Hash
2ea3aea25a6b245c811effebfda74c07
8da10bc4ec21488a31ec979f159cc2b888d9c316
354834db00bff7d9497ce6d874ac2c51e3bee19c75b7884d41f279de01195d03

HTTP Headers

POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 1497
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Splits. no seat with adunits, mapping rule and shaping
x-version: 3.0.0-gcp-ams
x-warn: Process Splits. all case seats filetered for: ban_mobile_recipesalba.com_generic_300x300
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b164561f1056c4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

sync.vqserve.com/match/stream

87.242.104.235

302 Found

0 B

URL GET HTTP/1.1
sync.vqserve.com/match/stream
IP
87.242.104.235:443
ASN
#50340 JSC Selectel

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerSectigo Limited
Subject*.vqserve.com
FingerprintD7:B2:A2:51:6C:19:09:65:AB:29:3E:C2:8A:42:8E:E5:56:AE:46:1C
ValidityWed, 02 Oct 2024 00:00:00 GMT - Thu, 02 Oct 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/stream HTTP/1.1
Host: sync.vqserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 01 Feb 2025 10:52:26 GMT
Content-Length: 0
Connection: keep-alive
Location: https://sm.rtb.mts.ru/p?ssp=viqeo&id=A1TGS2doidPqoJGVUWT74Z9aXd
Set-Cookie: rid=A1TGS2doidPqoJGVUWT74Z9aXd; expires=Mon, 03 Mar 2025 10:52:26 GMT; domain=vqserve.com; path=/; HttpOnly; secure; SameSite=None
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Length,Content-Range

code.21wiz.com/go/pmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=popunder&fmt_id=7&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&w=1280&h=1024&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030

172.67.214.3

200 OK

138 B

URL
code.21wiz.com/go/pmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=popunder&fmt_id=7&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&w=1280&h=1024&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
138 B (138 bytes)
Hash
b771768655e37137b4ad76ad11e7d61d
d46ebd2a2d87023c99aa16af1b701962d86e38b4
7f8f261bc86b71dce6a8aec6146452cb7e44543a86f91953ddc113d8c8e96a7c

HTTP Headers

GET /go/pmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=popunder&fmt_id=7&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&w=1280&h=1024&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:25 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-wizads-udata: cache,parsed,133878
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Ey%2BgckZ%2Fc5jeB7CpALi3u3VwllxKmpx0ZjLf%2Bxx8vRYbM67Mnj2SpkdsvGqM1j%2FXoIguc8DpSoFefVv7Lfa7xvMDPmlkwXRTgmAEYZut8u2zygwJxPSR%2FaX3xQcTVx0Jfg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1645598080b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=8367&min_rtt=2053&rtt_var=7303&sent=50&recv=15&lost=0&retrans=0&sent_bytes=45256&recv_bytes=2529&delivery_rate=9883&cwnd=37200&unsent_bytes=0&cid=647b1420534dce91&ts=2184&x=1", cfExtPri, cfHdrFlush;dur=0

code.21wiz.com/go/csync?cn=bcbn&bid=821acca39e82d4f131c11446d346ddf6

172.67.214.3

200 OK

0 B

URL
code.21wiz.com/go/csync?cn=bcbn&bid=821acca39e82d4f131c11446d346ddf6
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /go/csync?cn=bcbn&bid=821acca39e82d4f131c11446d346ddf6 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:26 GMT
content-type: image/jpeg
content-length: 0
set-cookie: bcbn=821acca39e82d4f131c11446d346ddf6; max-age=86400; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gE64ttEPG9VMbL1d9g2wGMoFggAS4MHRJNVhidgUFuc06hE%2F6XA%2BG%2F0F%2FZU3ytWbNls4zNjdnoV3kXa7Tv7KlCA9XT5AC7qRr%2BPWllI05TnGpjGO4AKc682uE2PwfG0e3w%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1645c2d1c0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4675&min_rtt=1577&rtt_var=4314&sent=127&recv=29&lost=0&retrans=0&sent_bytes=123493&recv_bytes=5372&delivery_rate=169906&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=3237&x=1", cfExtPri, cfHdrFlush;dur=0

logger.21wiz.com/logger?v=480a3786f25b10cc21aadc157c93c886&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.599%2C%22version%22%3A%221738328829726%22%2C%22vt%22%3A100%2C%22dv%22%3Atrue%2C%22l%22%3A%22https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A400%2C%22ih%22%3A225%7D%7D&o=&s2=1

172.67.214.3

200 OK

183 B

URL
logger.21wiz.com/logger?v=480a3786f25b10cc21aadc157c93c886&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.599%2C%22version%22%3A%221738328829726%22%2C%22vt%22%3A100%2C%22dv%22%3Atrue%2C%22l%22%3A%22https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A400%2C%22ih%22%3A225%7D%7D&o=&s2=1
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
183 B (183 bytes)
Hash
43e7ed7bd1a5dd24a0060c6ea610afc9
444d49b06c9b7a46b81cd3f4257d95cfe76f82e7
380857562d1fb9b9579c0a14a5d479bd3e18661122e21dcdb768787b77448314

HTTP Headers

GET /logger?v=480a3786f25b10cc21aadc157c93c886&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&t=player_loaded&a=&m=%7B%22sub_id%22%3A%22ap%22%2C%22loadTime%22%3A0.599%2C%22version%22%3A%221738328829726%22%2C%22vt%22%3A100%2C%22dv%22%3Atrue%2C%22l%22%3A%22https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade%22%2C%22scr%22%3A%7B%22w%22%3A1280%2C%22h%22%3A1024%2C%22c%22%3A24%2C%22iw%22%3A400%2C%22ih%22%3A225%7D%7D&o=&s2=1 HTTP/1.1
Host: logger.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:27 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-logger-le: true
x-logger-tdb: wizads
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Yxzk7L3aWdiMBtI9TNvjeCcwPuu9Id3GvPZDjcvjvDa69MuYWo9L3x1KFkriciDgaq8Nyg4k6EGy1bGs1wPpRmtaAt8%2B4n4AtCbyDdzChBbaFaUr6mdDg961NQzgykoyiW3H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1645cfdae0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4326&min_rtt=1577&rtt_var=3934&sent=129&recv=31&lost=0&retrans=0&sent_bytes=124238&recv_bytes=6002&delivery_rate=11449&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=3364&x=1", cfExtPri, cfHdrFlush;dur=0

code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=sdyn&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf

172.67.214.3

200 OK

36 B

URL
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=sdyn&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with no line terminators
Size
36 B (36 bytes)
Hash
b0852443795fa031cca5c56bd0e95c7c
d8da61aa529e061fbcd2da5f4435de35d43ec066
6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=sdyn&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:27 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,73010
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 12rmads=1738407147; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ZpMGTjHO8PfoC37G%2BgeCukXr62%2FDYWy05UGY2EX1RAgC1pZGCsAfbH5hemGQOpCD4h66KRlDIcPY0pTCs6gkwopWIbykkzxnrkMBkq%2FbCL4Vmx6fE2nEp1TuoSfvcVfKYw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1645fb89f0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5538&min_rtt=1577&rtt_var=3548&sent=156&recv=49&lost=0&retrans=0&sent_bytes=139421&recv_bytes=13582&delivery_rate=47637&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=3997&x=1", cfExtPri, cfHdrFlush;dur=0

code.21wiz.com/go/jmap?v=480a3786f25b10cc21aadc157c93c886&sid=ap&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&it=1&tq=2&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf&session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&position=pre&vt=100&ostream=true&isp=0&suri=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&rnd=1738407147366&raw=yes&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030

172.67.214.3

200 OK

6.4 kB

URL
code.21wiz.com/go/jmap?v=480a3786f25b10cc21aadc157c93c886&sid=ap&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&it=1&tq=2&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf&session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&position=pre&vt=100&ostream=true&isp=0&suri=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&rnd=1738407147366&raw=yes&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
6.4 kB (6418 bytes)
Hash
3568ea49dc9941e7351804a6d4cfab7c
6f18a2da08e7c54a1a0f691c932c7bd89ccd2fe1
cf56dd543278dc73d27c83115a64c44deb6bebecf6448abbffa9589dea35413a

HTTP Headers

GET /go/jmap?v=480a3786f25b10cc21aadc157c93c886&sid=ap&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&it=1&tq=2&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf&session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&position=pre&vt=100&ostream=true&isp=0&suri=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&rnd=1738407147366&raw=yes&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:27 GMT
content-type: application/json;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-go-country: NO
x-wizads-udata: cache,parsed,143544
x-wizads-plc: 0
x-wizads-ark: true
x-wizads-qmc: NO
x-wizads-rdb: 2
x-wizads-alc: 23
x-wizads-ctvs: 23
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iyeGLU5VMeQzPkhAgklXgBv8iNjn63dfS0ldF2yUc9cd1kYf5E%2B9qxhHWOx8rAgzYJBm3jqnPy51NBVsW17QOfOjhcUG%2FdTo0p8WMXFEZpdu6x%2B4y7%2F%2BNmbG1Q9ywA%2BZsw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1645f1fed0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: validations_698;dur=0.0000, validations_717;dur=0.0000, keyValidation;dur=0.0000, initBuilder;dur=1.0000, getLinks;dur=0.0000, validations_303;dur=0.0000, validations_6;dur=0.0000, jmapParams;dur=0.0000, uData;dur=0.0000, validations_646;dur=0.0000, getAnyQueue;dur=1.0000, validations_110;dur=0.0000, optProc;dur=0.0000, validations_634;dur=0.0000, validations_182;dur=0.0000, getJson;dur=0.0000, validations_36;dur=0.0000, queueSort;dur=0.0000, wmData;dur=0.0000, range_links;dur=0.0000, validations_696;dur=0.0000, validations_186;dur=0.0000, queuesMerge;dur=0.0000, attachTracking;dur=0.0000, corsParams;dur=0.0000, qManager;dur=2.0000, buildTagsQueue;dur=1.0000, validations_715;dur=0.0000, cfL4;desc="?proto=QUIC&rtt=4027&min_rtt=1577&rtt_var=3548&sent=132&recv=33&lost=0&retrans=0&sent_bytes=125079&recv_bytes=6715&delivery_rate=22325&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=3706&x=1", cfExtPri, cfHdrFlush;dur=0

onetag-sys.com/usync/?cb=1738407145749

51.38.120.206

204 No Content

0 B

URL GET HTTP/2
onetag-sys.com/usync/?cb=1738407145749
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?cb=1738407145749 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

onetag-sys.com/usync/?pubId=59a18369e249bfb

51.38.120.206

204 No Content

0 B

URL
onetag-sys.com/usync/?pubId=59a18369e249bfb
IP
51.38.120.206:0
ASN
#16276 OVH SAS

Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?pubId=59a18369e249bfb HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

code.21wiz.com/go/bmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&tanc=&ancs=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030

172.67.214.3

200 OK

23 kB

URL
code.21wiz.com/go/bmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&tanc=&ancs=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
23 kB (23219 bytes)
Hash
b90b410ee28a0b4301a3da976a8bbd13
d95d8d8ef8545507082732247f101e0883b728ab
50236da860aa5db5c581a5acfa63d15af3fb2a205308a047ea0e6b7c7d5f037f

HTTP Headers

GET /go/bmap?v=480a3786f25b10cc21aadc157c93c886&sub_id=ap&fmt_id=4&pl_key=banner&testad=no&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&tanc=&ancs=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407147; 41rmads=1738407147; 119rmads=1738407147; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407147; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:28 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-wizads-udata: cache,parsed,160344
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=PcVS00puTij3QWcoVBDGQSqzqnz2nYWTQRkYW%2BG7ug%2FOh5r72XAH1dCej3Ls1y0AeTEKfclI2NcNAWT3hAM%2BcpS3g5fjS7gYFo5IePrXYb0xB%2BOa%2B%2BEzPg6Jc62mzdRj%2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1646878050b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5690&min_rtt=1577&rtt_var=5330&sent=168&recv=59&lost=0&retrans=0&sent_bytes=147225&recv_bytes=16787&delivery_rate=49691&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=5211&x=1", cfExtPri, cfHdrFlush;dur=0

csync.smilewanted.com/

104.22.31.209

200 OK

1.9 kB

URL GET HTTP/2
csync.smilewanted.com/
IP
104.22.31.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type
JavaScript source, ASCII text, with very long lines (1932)
Size
1.9 kB (1871 bytes)
Hash
a3257537a19225abc2a3d1bf0361f7ef
c6bc3f76db048cd34e31a68be812b812ecf69eb6
0c8c4d2f609fe547447a9384eb12505f9a0e47da4eeadf0b1e018456cfcb36cc

HTTP Headers

GET / HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b16469bb07b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D

163.5.194.35

302 Found

0 B

URL GET
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
IP
163.5.194.35:0
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA8:82:42:F7:B7:69:5C:8C:D2:11:72:33:75:C9:2D:8D:79:25:8C:B4
ValidityTue, 31 Dec 2024 09:46:04 GMT - Mon, 31 Mar 2025 09:46:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.cdn.admatic.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Sat, 01 Feb 2025 10:52:29 GMT
location: https://prebid.admatic.com.tr/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

onetag-sys.com/usync/?tag=img&redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=0&gdpr_consent=&us_privacy=

51.38.120.206

302 Found

0 B

URL
onetag-sys.com/usync/?tag=img&redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=0&gdpr_consent=&us_privacy=
IP
51.38.120.206:0
ASN
#16276 OVH SAS

Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?tag=img&redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Donetag%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%24%7BUSER_TOKEN%7D&gdpr=0&gdpr_consent=&us_privacy= HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.cdn.admatic.com.tr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
cache-control: no-store
location: https://prebid.admatic.com.tr/setuid?bidder=onetag&gdpr=0&gdpr_consent=&f=i&uid=
content-length: 0
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

user-sync.adxpremium.services/setuid?bidder=luponmedia&uid=GET&redirect_url=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dluponmedia%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D

104.22.51.178

301 Moved Permanently

167 B

URL
user-sync.adxpremium.services/setuid?bidder=luponmedia&uid=GET&redirect_url=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dluponmedia%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
IP
104.22.51.178:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /setuid?bidder=luponmedia&uid=GET&redirect_url=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dluponmedia%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP/1.1
Host: user-sync.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.cdn.admatic.com.tr/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: text/html
content-length: 167
location: https://go-sync.adxpremium.services/static/setuid.html?bidder=luponmedia&uid=GET&redirect_url=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dluponmedia%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:29 GMT
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b1646e8a6356c6-OSL
X-Firefox-Spdy: h2

prebid.admatic.com.tr/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=

172.67.73.96

301 Moved Permanently

167 B

URL GET
prebid.admatic.com.tr/setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
IP
172.67.73.96:0
ASN
#13335 CLOUDFLARENET

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subjectprebid.admatic.com.tr
FingerprintE3:09:23:F6:1B:DF:09:F8:06:BC:A5:32:B7:4B:77:1E:FD:17:BD:70
ValidityTue, 07 Jan 2025 04:52:19 GMT - Mon, 07 Apr 2025 04:52:18 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid= HTTP/1.1
Host: prebid.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.cdn.admatic.com.tr/
DNT: 1
Connection: keep-alive
Cookie: adplus_digital_id=0.dtqhamnu4p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: text/html
content-length: 167
location: https://static.cdn.admatic.com.tr/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:29 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=6kCMTH%2B3tz3AweoCvnq6TNp6pg2qmuStD0J%2BUDQEQvSFxXFjUlaZdcpsoWpSGmzId8QNWEg2XndVuULIchtYhUtrxzKxEnQ5hpiq%2FEGZWUuUB1i%2FUMOdHiiAovsnJTBgSMMV%2BVkHNg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b1646f6d5456c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

onetag-sys.com/usync/?pubId=7f5d22b0006ab5a

51.38.120.206

204 No Content

0 B

URL GET HTTP/2
onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://csync.smilewanted.com/
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?pubId=7f5d22b0006ab5a HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

prebid.admatic.com.tr/setuid?bidder=onetag&gdpr=0&gdpr_consent=&f=i&uid=

172.67.73.96

301 Moved Permanently

167 B

URL GET HTTP/2
prebid.admatic.com.tr/setuid?bidder=onetag&gdpr=0&gdpr_consent=&f=i&uid=
IP
172.67.73.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subjectprebid.admatic.com.tr
FingerprintE3:09:23:F6:1B:DF:09:F8:06:BC:A5:32:B7:4B:77:1E:FD:17:BD:70
ValidityTue, 07 Jan 2025 04:52:19 GMT - Mon, 07 Apr 2025 04:52:18 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /setuid?bidder=onetag&gdpr=0&gdpr_consent=&f=i&uid= HTTP/1.1
Host: prebid.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.cdn.admatic.com.tr/
DNT: 1
Connection: keep-alive
Cookie: adplus_digital_id=0.dtqhamnu4p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html
content-length: 167
location: https://static.cdn.admatic.com.tr/cookie.html?bidder=onetag&gdpr=0&gdpr_consent=&f=i&uid=
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=XAhvGw0IpSgswNf1NL4QeW6Gid5tZIGCNbdgJqaZILP1lFJ4m3X8csijuqleGGKvPMiYLfyatpCPvBsB0PizSsvmT4mEAYQU3eBiQUHqjosTezfodF3z4piWNldn88mjV%2F1Ad7Z3tw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b1646fcdc556c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

prebid.admatic.com.tr/setuid?bidder=admatic&gdpr=0&gdpr_consent=&f=b&uid=b8efb380-4c72-4057-9d25-b4aaec7db4da

172.67.73.96

301 Moved Permanently

167 B

URL GET HTTP/2
prebid.admatic.com.tr/setuid?bidder=admatic&gdpr=0&gdpr_consent=&f=b&uid=b8efb380-4c72-4057-9d25-b4aaec7db4da
IP
172.67.73.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subjectprebid.admatic.com.tr
FingerprintE3:09:23:F6:1B:DF:09:F8:06:BC:A5:32:B7:4B:77:1E:FD:17:BD:70
ValidityTue, 07 Jan 2025 04:52:19 GMT - Mon, 07 Apr 2025 04:52:18 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /setuid?bidder=admatic&gdpr=0&gdpr_consent=&f=b&uid=b8efb380-4c72-4057-9d25-b4aaec7db4da HTTP/1.1
Host: prebid.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.cdn.admatic.com.tr/
DNT: 1
Connection: keep-alive
Cookie: adplus_digital_id=0.dtqhamnu4p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html
content-length: 167
location: https://static.cdn.admatic.com.tr/cookie.html?bidder=admatic&gdpr=0&gdpr_consent=&f=b&uid=b8efb380-4c72-4057-9d25-b4aaec7db4da
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xeYy46ukgHcZ6clBfzhOcWjVvKXIYOtcG3gfDisiNa9oi5AaXVuFLJxbviaveB4dEx0mpOk9XInPki2yXXOIevFs8a1btw5uAMLCngbcwVtyb697LfpBvKnARMdG3wXQn%2FFwsIuERw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b1646fddd656c5-OSL
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

prebid.admatic.com.tr/setuid?bidder=pixad&gdpr=0&gdpr_consent=&f=b&uid=683baa5c-6c9c-4053-9f97-20479c87683b

172.67.73.96

301 Moved Permanently

167 B

URL GET HTTP/3
prebid.admatic.com.tr/setuid?bidder=pixad&gdpr=0&gdpr_consent=&f=b&uid=683baa5c-6c9c-4053-9f97-20479c87683b
IP
172.67.73.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subjectprebid.admatic.com.tr
FingerprintE3:09:23:F6:1B:DF:09:F8:06:BC:A5:32:B7:4B:77:1E:FD:17:BD:70
ValidityTue, 07 Jan 2025 04:52:19 GMT - Mon, 07 Apr 2025 04:52:18 GMT

File type
HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
0104c301c5e02bd6148b8703d19b3a73
7436e0b4b1f8c222c38069890b75fa2baf9ca620
446a6087825fa73eadb045e5a2e9e2adf7df241b571228187728191d961dda1f

HTTP Headers

GET /setuid?bidder=pixad&gdpr=0&gdpr_consent=&f=b&uid=683baa5c-6c9c-4053-9f97-20479c87683b HTTP/1.1
Host: prebid.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.cdn.admatic.com.tr/
DNT: 1
Connection: keep-alive
Cookie: adplus_digital_id=0.dtqhamnu4p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html
content-length: 167
location: https://static.cdn.admatic.com.tr/cookie.html?bidder=pixad&gdpr=0&gdpr_consent=&f=b&uid=683baa5c-6c9c-4053-9f97-20479c87683b
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=I9O4XPu%2B6ZhDZ99fe3Plb6S4E21Z3Xdaixtkf1EZHfJ7%2B1HzWAa4P5WoGFxRzGic%2BPfqRA%2BbxHLth6%2Bh664hHp6kbY7zJS9S2lhf1CuLrd5hVWmqsVjCQjoWMJZBHW6NgtCdS3%2F9WA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b1646ffed2b4ff-OSL
alt-svc: h3=":443"; ma=86400

prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D

163.5.194.35

302 Found

0 B

URL GET HTTP/2
prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
IP
163.5.194.35:443
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://dsp-service.netaddiction.tech/cookie_sync?r=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dnetaddiction%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA8:82:42:F7:B7:69:5C:8C:D2:11:72:33:75:C9:2D:8D:79:25:8C:B4
ValidityTue, 31 Dec 2024 09:46:04 GMT - Mon, 31 Mar 2025 09:46:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cchain/0?gdpr=0&gdpr_consent=&us_privacy=&cb=https%3A%2F%2F%2Fsetuid%3Fbidder%3Damx%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dsp-service.netaddiction.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Sat, 01 Feb 2025 10:52:29 GMT
location: https:///setuid?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

csync.smilewanted.com/drop_cookie_sw.php

104.22.31.209

200 OK

170 B

URL
csync.smilewanted.com/drop_cookie_sw.php
IP
104.22.31.209:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type
data
Size
170 B (170 bytes)
Hash
6752a34fe53604289fb4f113975108fc
1c1867a5a521692c1d17f01171eb9ee9c2fb3358
0936284a5602ae175b007c1b3a53020da002a082bb1c20fe8fa9a46c030430eb

HTTP Headers

GET /drop_cookie_sw.php HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sw_user_params_infos=eFCcyhd%2BLLLnf7KPtUVBDI%2FvaYrEdJirfR6XTSux2wjOkeUNeqOTtyMFhzxt210CExIrFTroDbm0Bvy1oTDSb4b%2FHKpxiwZ436j7s%2Ba9cPnhbv%2F%2Fle3JUjPRmA57%2B1voWLsp1v63o8%2B8SQq2XDNskQ%3D%3D; expires=Sun, 01 Feb 2026 16:41:41 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b1646cad8ab51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

code.21wiz.com/go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=pcicl_br&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f7d818c0357e33650&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030

172.67.214.3

200 OK

385 kB

URL
code.21wiz.com/go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=pcicl_br&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f7d818c0357e33650&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
385 kB (384788 bytes)
Hash
929aa17fe6d825abb11f4cd9f41ee623
dacce6c2525189ab7dd1a537896e524f81adad30
184882e6a999488aa22a0bd3a71423526241303f2837747c83c4144f09b5699e

HTTP Headers

GET /go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=pcicl_br&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f7d818c0357e33650&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407147; 41rmads=1738407147; 119rmads=1738407147; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407147; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-wizads-path: /
x-wizads-referrer: https://recipesalba.com/
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,134384
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Lldi%2BP1LA8paSzvt2FNyg8rxRNXtpMoniYqfl8kfiOvIe0hBGkibuEDQT5pq%2FkUsg2THK5K3c2KzcTnIiDPqmNNW5jXWAFYjaK3WF5DasAH9ClOXDq5DXQSzudmfrv2SLA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1646ac9b80b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4222&min_rtt=1577&rtt_var=3545&sent=197&recv=66&lost=0&retrans=0&sent_bytes=175290&recv_bytes=18165&delivery_rate=393221&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=5575&x=1", cfExtPri, cfHdrFlush;dur=0

sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2F%2Fsetuid%3Fbidder%3Dadtarget%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buid%7D

185.83.71.234

302 Found

0 B

URL
sync.console.adtarget.com.tr/csync?redir=https%3A%2F%2F%2Fsetuid%3Fbidder%3Dadtarget%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buid%7D
IP
185.83.71.234:0
ASN
#55081 24SHELLS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /csync?redir=https%3A%2F%2F%2Fsetuid%3Fbidder%3Dadtarget%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D%7Buid%7D HTTP/1.1
Host: sync.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dsp-service.netaddiction.tech/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: Adtarget
Date: Sat, 01 Feb 2025 10:52:30 GMT
Content-Length: 0
Etag: f8ab35cd650acb90
Location: https:///setuid?bidder=adtarget&gdpr=0&gdpr_consent=&f=i&uid=f8ab35cd650acb90
Set-Cookie: vmuid=f8ab35cd650acb90; expires=Mon, 05 May 2025 10:52:30 GMT; domain=.console.adtarget.com.tr; path=/; secure; SameSite=None

dsp-service.pixad.com.tr/users/sync/?redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dpixad%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D

172.67.74.147

302 Found

506 B

URL GET HTTP/2
dsp-service.pixad.com.tr/users/sync/?redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dpixad%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
IP
172.67.74.147:443
ASN
#13335 CLOUDFLARENET

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subjectdsp-service.pixad.com.tr
FingerprintAC:BB:9C:44:BE:63:E9:A5:EC:5C:4C:29:3C:1B:00:92:54:61:A4:F8
ValidityThu, 02 Jan 2025 07:18:47 GMT - Wed, 02 Apr 2025 07:18:46 GMT

File type
data
Size
506 B (506 bytes)
Hash
4f67f6b81d1f8240ece1c544f843e95a
fff7c015f8e7302880ea43afd2cc24d154163741
ca6f06f6e4677de98f6a1cd8f021969e6773b638147bf5c307b5c4db12f3ab5d

HTTP Headers

GET /users/sync/?redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dpixad%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP/1.1
Host: dsp-service.pixad.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.cdn.admatic.com.tr/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: text/html; charset=utf-8
location: https://prebid.admatic.com.tr/setuid?bidder=pixad&gdpr=0&gdpr_consent=&f=b&uid=683baa5c-6c9c-4053-9f97-20479c87683b
access-control-allow-origin: *
x-powered-by: Pixad
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
working-on: pixad-k8s
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=dnxp%2F%2Fnqaq8reZUUvXTiaagM%2BfsrzYWVtOh8dc1ce8st4JONeUv0egKDAy2fjkVREo3qFFUGhr%2BCgkvvtSmkqmEaI%2F81aUrMrXv1wzIK0coWNyZ1pzWwMlQCtV3I7zk%2FvbagJiC%2F59kZ%2FQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b1646e0fdf5689-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfCacheStatus;desc="DYNAMIC", cfL4;desc="?proto=TCP&rtt=1246&min_rtt=552&rtt_var=1381&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2784&recv_bytes=1262&delivery_rate=5045296&cwnd=253&unsent_bytes=0&cid=bc674306bec1ac94&ts=120&x=0"
X-Firefox-Spdy: h2

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

151.101.129.229

200 OK

831 B

URL
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
JSON text data
Size
831 B (831 bytes)
Hash
62c50fede3d40963e6bcf7bad05a3961
7d4189ac5632bc0d724f62c0e7348dcf2021154e
3722687fbc8935dc744aecf811883dbc2c0f654cb2a94e1b2cc76e0616cff072

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2318
x-jsd-version-type: version
etag: W/"636-fUGJrFYyvA1yT2LA5zSNzyAhFU4"
content-encoding: br
accept-ranges: bytes
date: Sat, 01 Feb 2025 10:52:30 GMT
age: 24695
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 831
X-Firefox-Spdy: h2

ml.pubcircle.ai/?c=o&m=initsets&d=723

80.77.86.40

200 OK

859 B

URL
ml.pubcircle.ai/?c=o&m=initsets&d=723
IP
80.77.86.40:0
ASN
#46636 NATCOWEB

File type
ASCII text, with very long lines (859), with no line terminators
Size
859 B (859 bytes)
Hash
158d6423ae0cf6443541fb370cc244f5
823947cc3f2b78df23bbee0f913248c3888ed066
853b05a347db24662124b5eccd5e9a05d29593267f343c94399fd0c1ab4d63b8

HTTP Headers

GET /?c=o&m=initsets&d=723 HTTP/1.1
Host: ml.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: text/plain
Content-Length: 859
Date: Sat, 01 Feb 2025 10:52:31 GMT
Connection: keep-alive
Keep-Alive: timeout=5

gpp.netpub.media/init.js

104.22.52.160

200 OK

405 B

URL GET HTTP/2
gpp.netpub.media/init.js
IP
104.22.52.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
405 B (405 bytes)
Hash
f7809ca50443f0623efca7815576de27
2cf03659def46e836265aefe8971ac0f702405b7
3e216cce0666a74fe84633c856d8ab2e792c0654b257d46ad080d226e8c57c7e

HTTP Headers

GET /init.js HTTP/1.1
Host: gpp.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Sun, 08 Dec 2024 00:36:50 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b1644e1a0556b4-OSL
X-Firefox-Spdy: h2

ml.pubcircle.ai/pxl.gif?c=e&m=rp&u=723&key=111

80.77.86.40

200 OK

35 B

URL
ml.pubcircle.ai/pxl.gif?c=e&m=rp&u=723&key=111
IP
80.77.86.40:0
ASN
#46636 NATCOWEB

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /pxl.gif?c=e&m=rp&u=723&key=111 HTTP/1.1
Host: ml.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache, no-store, max-age=0, private, must-revalidate, proxy-revalidate
Date: Sat, 01 Feb 2025 10:52:31 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 35

gpp.netpub.media/17384071447130.4166040621697784/run.js?v=17384071447130.4166040621697784

104.22.52.160

200 OK

605 B

URL
gpp.netpub.media/17384071447130.4166040621697784/run.js?v=17384071447130.4166040621697784
IP
104.22.52.160:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with CRLF line terminators
Size
605 B (605 bytes)
Hash
54f643b0fa8a7d71cb117679a6fbb2ce
573d440c0f9fa4cf53e85cf86a86eba173933a1c
851d2ece063bcac9a5addec55308a32557f978d2daf3950395fc3dc41e9e9336

HTTP Headers

GET /17384071447130.4166040621697784/run.js?v=17384071447130.4166040621697784 HTTP/1.1
Host: gpp.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:24 GMT
content-type: application/javascript
last-modified: Wed, 21 Feb 2024 16:05:00 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b1644e8a6756b4-OSL
content-encoding: br
X-Firefox-Spdy: h2

prebid.admanmedia.com/pbjs

109.206.161.28

200 OK

2 B

URL
prebid.admanmedia.com/pbjs
IP
109.206.161.28:0
ASN
#50245 Serverel Inc.

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 568
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:31 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

ml.pubcircle.ai/pbjs

80.77.86.40

200 OK

2 B

URL POST HTTP/1.1
ml.pubcircle.ai/pbjs
IP
80.77.86.40:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.pubcircle.ai
Fingerprint86:C7:16:9D:27:5E:60:98:4E:00:2D:85:D3:FE:21:45:DD:F5:2C:61
ValidityFri, 14 Jun 2024 10:06:25 GMT - Sat, 14 Jun 2025 10:05:43 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: ml.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 565
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Content-Type: application/json
Connection: keep-alive
Content-Length: 2
Date: Sat, 01 Feb 2025 10:52:31 GMT

static.cdn.admatic.com.tr/cookie.html?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae

172.67.73.96

200 OK

1.1 kB

URL
static.cdn.admatic.com.tr/cookie.html?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae
IP
172.67.73.96:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
1.1 kB (1065 bytes)
Hash
6512206a5c89401d852d36e642b49ac9
9b112ebee43ae4746cc32a60dab34c812c2ec6eb
e4668a45ec082ca434802c058bce098f61389265800ac45d77952c88f1bf6d68

HTTP Headers

GET /cookie.html?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae HTTP/1.1
Host: static.cdn.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dsp-service.netaddiction.tech/
DNT: 1
Connection: keep-alive
Cookie: adplus_digital_id=0.dtqhamnu4p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html
cdn-pullzone: 1905149
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
last-modified: Fri, 31 Jan 2025 20:54:20 GMT
cdn-storageserver: DE-632
cdn-fileserver: 971
cdn-proxyver: 1.19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/01/2025 10:52:30
cdn-edgestorageid: 1048
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: a428f1cde09eb401e6a552ed6883eeab
cdn-cache: MISS
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=j41xC2%2FgDMj37c7fDPnzVVm1BTfccsOjq75l5G6S1NNADu6v7fWxbEKbYt75i%2B2wJTUrmz51Ig4YP5vqRDc1%2BA7JPGjviuoB9wvmRfQVHN7vyT3LCDf%2F7ZpwRJ2VKz%2BjMe9mhn44dGSuNh4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b164729ea756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4306&min_rtt=2434&rtt_var=2367&sent=30&recv=16&lost=0&retrans=0&sent_bytes=11911&recv_bytes=3117&delivery_rate=811952&cwnd=12000&unsent_bytes=0&cid=c262a84536ea9f52&ts=1382&x=1", cfExtPri, cfHdrFlush;dur=0

prebid.axis-marketplace.com/pbjs

80.77.87.74

200 OK

2 B

URL POST HTTP/1.1
prebid.axis-marketplace.com/pbjs
IP
80.77.87.74:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.axis-marketplace.com
Fingerprint48:A1:B3:B7:84:2F:BD:CA:19:3B:7A:41:06:4E:4B:69:16:DD:FC:2A
ValidityWed, 31 Jul 2024 10:29:55 GMT - Mon, 01 Sep 2025 10:29:55 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.axis-marketplace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 568
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:32 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

prebid.admanmedia.com/pbjs

109.206.161.28

200 OK

2 B

URL
prebid.admanmedia.com/pbjs
IP
109.206.161.28:0
ASN
#50245 Serverel Inc.

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 768
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:33 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

track.us.org/events?u=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade

185.59.208.177

200 OK

41 B

URL POST HTTP/2
track.us.org/events?u=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade
IP
185.59.208.177:443
ASN
#43541 VSHosting s.r.o.

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subjecttrack.us.org
FingerprintCC:60:D0:51:27:38:7B:E2:19:0C:C9:EE:65:D5:FE:54:94:A4:CB:BA
ValidityFri, 13 Dec 2024 01:01:43 GMT - Thu, 13 Mar 2025 01:01:42 GMT

File type
gzip compressed data, max speed, from Unix
Size
41 B (41 bytes)
Hash
a8af221ac59459adead9ecd9c53482a5
6eadf966a560ce29a40374bdb9ab218facd6d1fe
b354ed524e53eb6b82ac3e10ff73fd2c46031d615b50d2663f06e34bbcdc67ed

HTTP Headers

POST /events?u=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade HTTP/1.1
Host: track.us.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 305
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
server: nginx
date: Sat, 01 Feb 2025 10:52:31 GMT
content-type: text/javascript; charset=utf-8
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-headers: X-Requested-With,origin,content-type,accept,accept-encoding,accept-language
access-control-max-age: 1
p3p: CP="ALL IND DSP COR ADM CONo CUR CUSo IVAo IVDo PSA PSD TAI TELo OUR SAMo CNT COM INT NAV ONL PHY PRE PUR UNI"
last-modified: Sat, 01 Feb 2025 10:52:33 GMT
expires: Tue, 01 Jan 2000 00:00:00 GMT
cache-control: post-check=0, pre-check=0; max-age=0, no-cache, must-revalidate, proxy-revalidate, private
pragma: no-cache
content-encoding: gzip
X-Firefox-Spdy: h2

mp.4dex.io/prebid

104.18.34.178

200 OK

83 B

URL POST HTTP/2
mp.4dex.io/prebid
IP
104.18.34.178:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectmp.4dex.io
Fingerprint3B:94:35:EA:97:FB:E2:C0:68:A1:C3:AA:6A:C9:30:75:BA:78:1C:5C
ValidityWed, 25 Dec 2024 02:12:12 GMT - Tue, 25 Mar 2025 03:12:08 GMT

File type
gzip compressed data, from Unix
Size
83 B (83 bytes)
Hash
b132c07f7376c345a7e950e806613b0f
b473ed9afe9941404d5b366c302abae207ac172e
45ea04828c0ab0ac5f00d4c606f5340682016e6058f423bf92ae5f5a57fb944e

HTTP Headers

POST /prebid HTTP/1.1
Host: mp.4dex.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1498
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:25 GMT
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
vary: Origin, Accept-Encoding
x-err: Splits. no seat with adunits, mapping rule and shaping
x-version: 3.0.0-gcp-ams
x-warn: Parsing the Prebid Request. int_scc_sid, Process Splits. all case seats filetered for: ban_div_netpub_campaign_fnbqnylybu2ziz88
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b164533c0f56c4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2

onetag-sys.com/usync/?cb=1738407154354

51.38.120.206

204 No Content

0 B

URL
onetag-sys.com/usync/?cb=1738407154354
IP
51.38.120.206:0
ASN
#16276 OVH SAS

Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?cb=1738407154354 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

logger.21wiz.com/logger?t=player_finish&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&a=&m=&v=480a3786f25b10cc21aadc157c93c886&o=

172.67.214.3

200 OK

81 B

URL
logger.21wiz.com/logger?t=player_finish&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&a=&m=&v=480a3786f25b10cc21aadc157c93c886&o=
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Size
81 B (81 bytes)
Hash
b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

HTTP Headers

GET /logger?t=player_finish&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&a=&m=&v=480a3786f25b10cc21aadc157c93c886&o= HTTP/1.1
Host: logger.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-logger-le: true
x-logger-tdb: wizads
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=v8OoL02%2BC0hA%2Be3Of1rL%2BUImRNdFFTXD%2F7k0Nw8NeCFU%2FEjU2YQ5QM6NNUOfycSQORz5Qxgx9sbjedqSTtmPGGZMES3BIpAXRBPS3e09VsPN9Hipb8CJiYEs9G5ZWRtPYUTw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164726fb20b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3833&min_rtt=1577&rtt_var=2608&sent=206&recv=70&lost=0&retrans=0&sent_bytes=182347&recv_bytes=18855&delivery_rate=216520&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=6793&x=1", cfExtPri, cfHdrFlush;dur=0

onetag-sys.com/usync/?cb=1738407151450

51.38.120.206

204 No Content

0 B

URL
onetag-sys.com/usync/?cb=1738407151450
IP
51.38.120.206:0
ASN
#16276 OVH SAS

Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?cb=1738407151450 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

cs.pubcircle.ai/iframe?pbjs=1&coppa=0

80.77.86.40

200 OK

0 B

URL GET HTTP/1.1
cs.pubcircle.ai/iframe?pbjs=1&coppa=0
IP
80.77.86.40:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.pubcircle.ai
Fingerprint86:C7:16:9D:27:5E:60:98:4E:00:2D:85:D3:FE:21:45:DD:F5:2C:61
ValidityFri, 14 Jun 2024 10:06:25 GMT - Sat, 14 Jun 2025 10:05:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: text/html
Content-Length: 0
Date: Sat, 01 Feb 2025 10:52:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5

cs.admanmedia.com/iframe?pbjs=1&coppa=0

80.77.87.162

200 OK

2.5 kB

URL GET HTTP/1.1
cs.admanmedia.com/iframe?pbjs=1&coppa=0
IP
80.77.87.162:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerSectigo Limited
Subject*.admanmedia.com
Fingerprint1C:48:88:CE:3F:35:F6:5C:88:3A:E9:8A:DA:4C:49:6F:F7:A4:07:32
ValidityWed, 15 May 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11443), with no line terminators
Size
2.5 kB (2463 bytes)
Hash
093e174adb7573664b7db5f155faafb1
6000d1bf95286e5808b618fe560a18e5cc2540af
8ef62992280f186359573ea93417f1e0a5586cab4deab2a8241b22c8a58c20e5

HTTP Headers

GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:36 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:45 GMT;SameSite=None;Secure
ac_r=; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:45 GMT;SameSite=None;Secure
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1701
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://recipesalba.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

s.ad.smaato.net/c/?adExInit=ILLU&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcs.admanmedia.com%2F2d3a53bfd5e6a5d474cb0cccf071882f.gif%3Fpuid%3D%24UID

143.204.55.53

302 Found

0 B

URL
s.ad.smaato.net/c/?adExInit=ILLU&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcs.admanmedia.com%2F2d3a53bfd5e6a5d474cb0cccf071882f.gif%3Fpuid%3D%24UID
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/?adExInit=ILLU&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcs.admanmedia.com%2F2d3a53bfd5e6a5d474cb0cccf071882f.gif%3Fpuid%3D%24UID HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
content-length: 0
location: https://pixel-sync.sitescout.com/dmp/pixelSync?nid=124&gdpr=0&gdpr_consent=[GDPR_CONSENT]
server: CloudFront
date: Sat, 01 Feb 2025 10:48:49 GMT
cache-control: max-age=300
set-cookie: SCM=289e8a80b0; Max-Age=1814400; Domain=.smaato.net; SameSite=None; Path=/; Secure
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 7jMw6uCNFoxfVFhDTZ1huaAUoVo6n6hG7U-XXYPXqxILFOgMjs16gw==
age: 227
X-Firefox-Spdy: h2

static.21wiz.com/mp_dist/mstream2.js?ver=9008193505

172.67.214.3

200 OK

57 kB

URL GET HTTP/3
static.21wiz.com/mp_dist/mstream2.js?ver=9008193505
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
JavaScript source, Unicode text, UTF-8 text, with very long lines (65071), with no line terminators
Size
57 kB (57149 bytes)
Hash
6552016baaafae4122d71b3befa6a9f5
5215def9bc16f459769269b1cef0fde31d58db86
189bda55bfa77962551315a9efcfcae7de59f8a9fd9e04fe328dea5ef4cd9f0a

HTTP Headers

GET /mp_dist/mstream2.js?ver=9008193505 HTTP/1.1
Host: static.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:26 GMT
content-type: application/javascript
last-modified: Fri, 31 Jan 2025 13:07:22 GMT
vary: Accept-Encoding
etag: W/"679ccb0a-27b50"
x-movieads-country: NO
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age: 1728000
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 6149
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=gf8lV9MMyWzT6v6OJC2YjI9AJCspt%2FtmE%2BB2phHjDrnMkyMUuubZIwy%2BrYvBi1FQKsTe1EMfqop6zFj9PTEeV6l%2FUssIj3IqArj5fDok1pr0pXVkYjeg5Kaus6VnlrIAa6TT"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164596b0b0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6456&min_rtt=2053&rtt_var=6012&sent=72&recv=24&lost=0&retrans=0&sent_bytes=60983&recv_bytes=4847&delivery_rate=364663&cwnd=37200&unsent_bytes=0&cid=647b1420534dce91&ts=2766&x=1", cfExtPri, cfHdrFlush;dur=0

s.ad.smaato.net/c/?dspInit=10002005&dspCookie=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]

143.204.55.53

204 No Content

0 B

URL GET HTTP/2
s.ad.smaato.net/c/?dspInit=10002005&dspCookie=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
IP
143.204.55.53:443
ASN
#16509 AMAZON-02

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerAmazon
Subjects.ad.smaato.net
FingerprintF6:4E:26:28:6E:A1:9B:A8:BE:1A:00:57:E2:2E:73:1A:FC:7B:59:00
ValiditySun, 04 Aug 2024 00:00:00 GMT - Tue, 02 Sep 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/?dspInit=10002005&dspCookie=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT] HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
server: CloudFront
date: Sat, 01 Feb 2025 10:52:36 GMT
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: y78dn7uW_fAlEyouhoj36Sn_s8B7oNTAcUn0SSXHyLnmAAVEBl7zEw==
X-Firefox-Spdy: h2

prebid.admanmedia.com/pbjs

109.206.161.28

200 OK

2 B

URL
prebid.admanmedia.com/pbjs
IP
109.206.161.28:0
ASN
#50245 Serverel Inc.

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 568
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:36 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

csync.loopme.me/?partner_id=1454&uid=08191ad2-d17c-4b54-96e1-acc569a2a237

34.1.224.215

204 No Content

0 B

URL
csync.loopme.me/?partner_id=1454&uid=08191ad2-d17c-4b54-96e1-acc569a2a237
IP
34.1.224.215:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?partner_id=1454&uid=08191ad2-d17c-4b54-96e1-acc569a2a237 HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
set-cookie: viewer_token=1c246f01-4e9b-40d1-883e-adbc8debacf0; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Thu, 01-May-2025 10:52:36 GMT; SameSite=None
date: Sat, 01 Feb 2025 10:52:36 GMT
server: _
X-Firefox-Spdy: h2

www.temu.com/api/adx/cm/pixel-admanmedia?adx_uid=08191ad2-d17c-4b54-96e1-acc569a2a237

172.64.144.50

200 OK

0 B

URL
www.temu.com/api/adx/cm/pixel-admanmedia?adx_uid=08191ad2-d17c-4b54-96e1-acc569a2a237
IP
172.64.144.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/adx/cm/pixel-admanmedia?adx_uid=08191ad2-d17c-4b54-96e1-acc569a2a237 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:36 GMT
content-length: 0
x-gateway-request-id: 1738407156614-2aaa2d51f149c61ad94329ba45e3bedf
strict-transport-security: max-age=31536000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
yak-timeinfo: 1738407156614|3
cip: 91.90.42.154
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
set-cookie: api_uid=CnFFJ2ed/PShRgBOy2wXAg==; expires=Sun, 01-Feb-26 10:52:36 GMT; domain=.temu.com; path=/; secure
__cf_bm=w17KVWXXW_iAQl.iSz2OIIdiSDXddeBB7Etq_qdEMg0-1738407156-1.0.1.1-BDUwMBgpeeVxPGcCaRNkW2yWFHlXT4.3WHUrYCECE0naejNcWvhMfiqOcbTwqp.EbsvVOz5Qb0wOaU4s62cZ7Q; path=/; expires=Sat, 01-Feb-25 11:22:36 GMT; domain=.temu.com; HttpOnly; Secure; SameSite=None
server: cloudflare
cf-ray: 90b16498ad731c0a-OSL
X-Firefox-Spdy: h2

code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=bofads_out&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf

172.67.214.3

200 OK

1.5 kB

URL
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=bofads_out&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
1.5 kB (1477 bytes)
Hash
cc1cf4e32f696c6580551ce52b2fc2e1
938aac2550a47fea19a4210ba11cb57682870152
46ecf13ef08d944e501a3393f6a6f9743506107ae451c07d0d925bd0a462c97c

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=bofads_out&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407147; 41rmads=1738407147; 119rmads=1738407147; 193rmads=1738407147; 664rmads=1738407147
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:27 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,48009
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 197rmads=1738407147; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hI7GOCRe%2FYKH1%2FtJq%2BDZGfFN%2BlYMyYQOU5RKfznfHnOp4ixyVwXDjAcZB%2FRvLGKaW6KNnrAyr5agPInjtigLqhZiSx65Fnh%2BCc9wAAC6pG1DYDwYV5vL3kH4isv%2FnQhhrw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1646109c90b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5156&min_rtt=1577&rtt_var=3425&sent=161&recv=52&lost=0&retrans=0&sent_bytes=141692&recv_bytes=15141&delivery_rate=185110&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=4089&x=1", cfExtPri, cfHdrFlush;dur=0

code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=Dhs_out_g3&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf

172.67.214.3

200 OK

839 B

URL
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=Dhs_out_g3&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
839 B (839 bytes)
Hash
c55a01de6f7ed785ffe9e205534793ff
e90822c0db7142cf596b64a014a0fc7aff65205a
91572dfccdc32064cc3d2f1e455f40337d5563f1bb57fb2bdffbc74b05bd4002

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=Dhs_out_g3&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=e1785382-2d17-c24a-ce03-31fefe7fdecf HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:27 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,65182
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 41rmads=1738407147; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=ECVQh88UD8uQlpWKy6jTFAH9cRg4Y%2BtfysSFGu1pqR%2FngqndGtX7G%2BozaGGoNaVnu7%2BBRIecYJzXUtLwYLqELzSlgODyRbnUz1AKSBZM0gpr08JIETxRJiWUnUGiTSEbKA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1645fb89a0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=3630&min_rtt=1577&rtt_var=2680&sent=147&recv=41&lost=0&retrans=0&sent_bytes=134098&recv_bytes=10584&delivery_rate=5997&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=3806&x=1", cfExtPri, cfHdrFlush;dur=0

csync.loopme.me/?pubid=11386&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redirect=https%3A%2F%2Fcs.admanmedia.com%2Ffaede4ab85d3e6a67af5e526adfe3e99.gif%3Fpuid%3D%7Bviewer_token%7D

34.1.224.215

307 Temporary Redirect

0 B

URL GET HTTP/2
csync.loopme.me/?pubid=11386&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redirect=https%3A%2F%2Fcs.admanmedia.com%2Ffaede4ab85d3e6a67af5e526adfe3e99.gif%3Fpuid%3D%7Bviewer_token%7D
IP
34.1.224.215:443
ASN
#15169 GOOGLE

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerLet's Encrypt
Subjectloopme.com
Fingerprint7E:E6:51:07:B1:4A:13:13:19:66:0F:4D:FB:40:8C:4E:CA:74:20:51
ValidityFri, 03 Jan 2025 08:49:40 GMT - Thu, 03 Apr 2025 08:49:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pubid=11386&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redirect=https%3A%2F%2Fcs.admanmedia.com%2Ffaede4ab85d3e6a67af5e526adfe3e99.gif%3Fpuid%3D%7Bviewer_token%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=36c93dc1-5a6b-4083-8488-90eb302b022d; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Thu, 01-May-2025 10:52:36 GMT; SameSite=None
location: https://cs.admanmedia.com/faede4ab85d3e6a67af5e526adfe3e99.gif?puid=36c93dc1-5a6b-4083-8488-90eb302b022d&gdpr_consent=[GDPR_CONSENT]&gdpr=[GDPR]
content-length: 0
date: Sat, 01 Feb 2025 10:52:36 GMT
server: _
X-Firefox-Spdy: h2

sync.vistarsagency.com/match/illumin?id=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0

95.216.70.52

200 OK

43 B

URL
sync.vistarsagency.com/match/illumin?id=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0
IP
95.216.70.52:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/illumin?id=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0 HTTP/1.1
Host: sync.vistarsagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:36 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

ghb.console.adtarget.com.tr/v2/auction/

167.235.94.177

200 OK

329 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
167.235.94.177:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint22:D9:D6:E9:49:E3:E2:65:72:C3:89:D5:6C:35:16:C1:2C:64:21:0F
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT

File type
JSON text data
Size
329 B (329 bytes)
Hash
d6ab9eb681c8ca1e7b6311ca001713b2
7356492db7d55220a3356ffffcf293be371f384d
62c28a43527a18cb36cfe586fa5a276c58f45184accb0ffb5c3e80b473be52a1

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 180
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: vmuid=f8ab35cd650acb90
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Sat, 01 Feb 2025 10:52:36 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 329
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

csync.smilewanted.com/set_partner_userid_get/acuity/08191ad2-d17c-4b54-96e1-acc569a2a237

104.22.31.209

200 OK

2.1 kB

URL GET HTTP/2
csync.smilewanted.com/set_partner_userid_get/acuity/08191ad2-d17c-4b54-96e1-acc569a2a237
IP
104.22.31.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type
Targa image data - Mono 12296 x 33328 x 8 +1 +33440 - 12-bit alpha - top " +0�0�0�ءX0V10 UUS10U"
Size
2.1 kB (2110 bytes)
Hash
b4ab1be71cbd529ebe32efaf89b518b9
8d0f232a2596959cb5311657b6044cfa460051a8
f9f2774d951a41e52fbaa7df90927038f3e4425c77dee8700f27638cde5ce08c

HTTP Headers

GET /set_partner_userid_get/acuity/08191ad2-d17c-4b54-96e1-acc569a2a237 HTTP/1.1
Host: csync.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: sw_user_params_infos=eFCcyhd%2BLLLnf7KPtUVBDI%2FvaYrEdJirfR6XTSux2wjOkeUNeqOTtyMFhzxt210CExIrFTroDbm0Bvy1oTDSb4b%2FHKpxiwZ436j7s%2Ba9cPnhbv%2F%2Fle3JUjPRmA57%2B1voWLsp1v63o8%2B8SQq2XDNskQ%3D%3D
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:36 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: sw_user_params_infos=bTSvQOyIpH6%2FK7l%2BqkMN0GKqndku8o0wdkJ4MDe158YLZxgJdRdKG9mge%2Bc8OpWS7Wjx9r7FqGCda4P4ySZg1PtWjcEEhtZ1fysa34YxqlRqK37An1rvokOk5YAyuvESjoJ5YbTks%2Fn8HqIN8BuZB4lq7pq%2BVZQ0JJgW3EL93wjNLNcdvdD4T7oizkYkAxdyZAhzoWs68ADdfgCeXaEUWgn%2FICUSlSzgwm6lcUyT2Gg%3D; expires=Sun, 01 Feb 2026 16:41:48 GMT; Max-Age=31556952; path=/; domain=smilewanted.com; secure; HttpOnly; SameSite=None
access-control-allow-credentials: true
access-control-allow-methods: GET, POST, PUT, DELETE, OPTIONS
access-control-allow-headers: Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b164984e93b51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

sync.adprime.com/30fcd873bc6135c435d7bb084fc3b04c.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]

8.2.110.13

204 No Content

0 B

URL GET HTTP/1.1
sync.adprime.com/30fcd873bc6135c435d7bb084fc3b04c.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]
IP
8.2.110.13:443
ASN
#46636 NATCOWEB

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerLet's Encrypt
Subjectdelta.adprime.com
Fingerprint1A:83:65:F3:7C:DE:4A:CF:56:9E:B9:89:6F:60:31:DA:AF:1A:0B:0D
ValidityFri, 31 Jan 2025 05:47:25 GMT - Thu, 01 May 2025 05:47:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /30fcd873bc6135c435d7bb084fc3b04c.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED] HTTP/1.1
Host: sync.adprime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Set-Cookie: usr=8e8ebf6d-5c75-4f38-9164-044cec45f919; path=/; domain=.adprime.com; expires=Sat, 15 Feb 2025 10:52:36 GMT;SameSite=None;Secure
adprime_r=15; path=/; domain=.adprime.com; expires=Sat, 15 Feb 2025 10:52:36 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Date: Sat, 01 Feb 2025 10:52:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5

cs.admanmedia.com/ede3a686301e61ba2f7fc21a8866ca16.gif?puid=

80.77.87.162

302 Found

0 B

URL
cs.admanmedia.com/ede3a686301e61ba2f7fc21a8866ca16.gif?puid=
IP
80.77.87.162:0
ASN
#46636 NATCOWEB

Certificate
IssuerSectigo Limited
Subject*.admanmedia.com
Fingerprint1C:48:88:CE:3F:35:F6:5C:88:3A:E9:8A:DA:4C:49:6F:F7:A4:07:32
ValidityWed, 15 May 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ede3a686301e61ba2f7fc21a8866ca16.gif?puid= HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 01 Feb 2025 10:52:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:46 GMT;SameSite=None;Secure
ac_r=CS322:1739011956851; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:46 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://ums.acuityplatform.com/tum?umid=139&uid=08191ad2-d17c-4b54-96e1-acc569a2a237

sync.colossusssp.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]

172.240.155.108

200 OK

42 B

URL GET HTTP/1.1
sync.colossusssp.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]
IP
172.240.155.108:443
ASN
#7979 SERVERS-COM

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerGoDaddy.com, Inc.
Subject*.colossusssp.com
Fingerprint59:63:78:1E:33:71:DC:CF:6F:27:50:35:C4:3A:C8:FE:2A:C8:9E:77
ValiditySun, 08 Sep 2024 14:24:37 GMT - Fri, 10 Oct 2025 14:24:37 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED] HTTP/1.1
Host: sync.colossusssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:36 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: gtm_usr=8182ced0-b7ad-44ea-b31b-cf573fc082d6; path=/; domain=.colossusssp.com; expires=Sun, 01 Feb 2026 10:52:36 GMT;SameSite=None;Secure
lmg_r=97; path=/; domain=.colossusssp.com; expires=Sun, 01 Feb 2026 10:52:36 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

cs.playdigo.com/57c9cdd82c01aa0e2fc57f1863c43aba.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0

80.77.85.111

302 Found

0 B

URL
cs.playdigo.com/57c9cdd82c01aa0e2fc57f1863c43aba.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0
IP
80.77.85.111:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /57c9cdd82c01aa0e2fc57f1863c43aba.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0 HTTP/1.1
Host: cs.playdigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Set-Cookie: pd_key=e84f0068-56ba-476b-92cc-f0e0ca0e33f6; path=/; domain=.playdigo.com; expires=Sat, 15 Feb 2025 10:52:36 GMT;SameSite=None;Secure
pb_red=17; path=/; domain=.playdigo.com; expires=Sat, 15 Feb 2025 10:52:36 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://s.ad.smaato.net/c/?dspInit=1002303&dspCookie=e84f0068-56ba-476b-92cc-f0e0ca0e33f6&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
Date: Sat, 01 Feb 2025 10:52:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

us.ck-ie.com/act639.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&redir=https%3A%2F%2Fcs.admanmedia.com%2F62b6430e25b8b4664ae1c16e6d571926.gif%3Fpuid%3D%7B%24PARTNER_UID%7D

8.2.110.70

204 No Content

0 B

URL
us.ck-ie.com/act639.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&redir=https%3A%2F%2Fcs.admanmedia.com%2F62b6430e25b8b4664ae1c16e6d571926.gif%3Fpuid%3D%7B%24PARTNER_UID%7D
IP
8.2.110.70:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /act639.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&redir=https%3A%2F%2Fcs.admanmedia.com%2F62b6430e25b8b4664ae1c16e6d571926.gif%3Fpuid%3D%7B%24PARTNER_UID%7D HTTP/1.1
Host: us.ck-ie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 01 Feb 2025 10:52:36 GMT
Content-Type: text/plain
Connection: keep-alive

cs.pgammedia.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&coppa=0&gpp=[GPP]&gpp_sid=[GPP_SID]

80.77.87.200

302 Found

0 B

URL
cs.pgammedia.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&coppa=0&gpp=[GPP]&gpp_sid=[GPP_SID]
IP
80.77.87.200:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&coppa=0&gpp=[GPP]&gpp_sid=[GPP_SID] HTTP/1.1
Host: cs.pgammedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.2
Date: Sat, 01 Feb 2025 10:52:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: pgam_uid=e6a220ba-28c1-428e-9794-381a2a6cf820; path=/; domain=.pgammedia.com; expires=Sat, 15 Feb 2025 10:52:36 GMT;SameSite=None;Secure
pgam_red=39; path=/; domain=.pgammedia.com; expires=Sat, 15 Feb 2025 10:52:36 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://sync.cootlogix.com/api/cookie?partnerId=hive-pgam&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&userId=e6a220ba-28c1-428e-9794-381a2a6cf820

csync.copper6.com/41c1a65ad089ea94db1baec942f4daf6.gif?redir=https%3A%2F%2Fcs.admanmedia.com%2F4d8423f77f689cf43a5b68eb9e4008fb.gif%3Fpuid%3D08191ad2-d17c-4b54-96e1-acc569a2a237%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0

80.77.84.96

302 Found

0 B

URL
csync.copper6.com/41c1a65ad089ea94db1baec942f4daf6.gif?redir=https%3A%2F%2Fcs.admanmedia.com%2F4d8423f77f689cf43a5b68eb9e4008fb.gif%3Fpuid%3D08191ad2-d17c-4b54-96e1-acc569a2a237%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0
IP
80.77.84.96:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /41c1a65ad089ea94db1baec942f4daf6.gif?redir=https%3A%2F%2Fcs.admanmedia.com%2F4d8423f77f689cf43a5b68eb9e4008fb.gif%3Fpuid%3D08191ad2-d17c-4b54-96e1-acc569a2a237%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0 HTTP/1.1
Host: csync.copper6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Set-Cookie: co_key=345cbc34-04c0-42a3-a110-b6079178964f; path=/; domain=.copper6.com; expires=Sat, 15 Feb 2025 10:52:36 GMT;SameSite=None;Secure
co_red=22; path=/; domain=.copper6.com; expires=Sat, 15 Feb 2025 10:52:36 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://cs.admanmedia.com/4d8423f77f689cf43a5b68eb9e4008fb.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0
Date: Sat, 01 Feb 2025 10:52:36 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

cs.admanmedia.com/faede4ab85d3e6a67af5e526adfe3e99.gif?puid=36c93dc1-5a6b-4083-8488-90eb302b022d&gdpr_consent=[GDPR_CONSENT]&gdpr=[GDPR]

80.77.87.162

302 Found

0 B

URL
cs.admanmedia.com/faede4ab85d3e6a67af5e526adfe3e99.gif?puid=36c93dc1-5a6b-4083-8488-90eb302b022d&gdpr_consent=[GDPR_CONSENT]&gdpr=[GDPR]
IP
80.77.87.162:0
ASN
#46636 NATCOWEB

Certificate
IssuerSectigo Limited
Subject*.admanmedia.com
Fingerprint1C:48:88:CE:3F:35:F6:5C:88:3A:E9:8A:DA:4C:49:6F:F7:A4:07:32
ValidityWed, 15 May 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /faede4ab85d3e6a67af5e526adfe3e99.gif?puid=36c93dc1-5a6b-4083-8488-90eb302b022d&gdpr_consent=[GDPR_CONSENT]&gdpr=[GDPR] HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 01 Feb 2025 10:52:36 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:46 GMT;SameSite=None;Secure
ac_r=CS143:1739011956951; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:46 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=14558&endpoint=us-east

s.ad.smaato.net/c/?dspInit=1002303&dspCookie=e84f0068-56ba-476b-92cc-f0e0ca0e33f6&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]

143.204.55.53

204 No Content

0 B

URL
s.ad.smaato.net/c/?dspInit=1002303&dspCookie=e84f0068-56ba-476b-92cc-f0e0ca0e33f6&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/?dspInit=1002303&dspCookie=e84f0068-56ba-476b-92cc-f0e0ca0e33f6&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT] HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Cookie: SCM=289e8a80b0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: CloudFront
date: Sat, 01 Feb 2025 10:52:37 GMT
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: qNwULSxsBDhoJm7vNemcJ7sWAgb_a5tsdeGhxg9HaFy-iFaRXRnmSQ==
X-Firefox-Spdy: h2

cs.admanmedia.com/4d8423f77f689cf43a5b68eb9e4008fb.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0

80.77.87.162

302 Found

0 B

URL
cs.admanmedia.com/4d8423f77f689cf43a5b68eb9e4008fb.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0
IP
80.77.87.162:0
ASN
#46636 NATCOWEB

Certificate
IssuerSectigo Limited
Subject*.admanmedia.com
Fingerprint1C:48:88:CE:3F:35:F6:5C:88:3A:E9:8A:DA:4C:49:6F:F7:A4:07:32
ValidityWed, 15 May 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /4d8423f77f689cf43a5b68eb9e4008fb.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0 HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=CS143:1739011956951
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 01 Feb 2025 10:52:37 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:45 GMT;SameSite=None;Secure
ac_r=CS334:1739011957089; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:45 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D[GDPR]%26gdpr_consent%3D[GDPR_CONSENT]%26ccpa%3D[CCPA]%26coppa%3D0&partner=acuityads

sync.cootlogix.com/api/cookie?partnerId=hive-pgam&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&userId=e6a220ba-28c1-428e-9794-381a2a6cf820

24.144.114.245

200 OK

43 B

URL
sync.cootlogix.com/api/cookie?partnerId=hive-pgam&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&userId=e6a220ba-28c1-428e-9794-381a2a6cf820
IP
24.144.114.245:0
ASN
#14061 DIGITALOCEAN-ASN

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

HTTP Headers

GET /api/cookie?partnerId=hive-pgam&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&userId=e6a220ba-28c1-428e-9794-381a2a6cf820 HTTP/1.1
Host: sync.cootlogix.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Authorization
access-control-allow-credentials: true
p3p: CP="NOI DSP COR PSAo PSDo OUR IND UNI COM NAV ADMa"
access-control-allow-methods: GET, HEAD, OPTIONS, POST
set-cookie: vdz_sync=40a2a85e-68e6-12a2-d5a8-ac401621e21a; Domain=.cootlogix.com; Path=/; Expires=Mon, 03 Mar 2025 10:52:37 GMT; Secure; SameSite=None
content-type: image/avif
content-length: 43
date: Sat, 01 Feb 2025 10:52:37 GMT
X-Firefox-Spdy: h2

ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0&partner=acuityads

107.23.13.97

204 No Content

0 B

URL GET HTTP/2
ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0&partner=acuityads
IP
107.23.13.97:443
ASN
#14618 AMAZON-AES

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerAmazon
Subjectssp.disqus.com
FingerprintB7:96:BD:15:65:56:33:FE:02:3A:A7:8A:57:8F:70:4E:6A:F5:33:36
ValidityThu, 19 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0&partner=acuityads HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:37 GMT
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2

ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D[GDPR]%26gdpr_consent%3D[GDPR_CONSENT]%26ccpa%3D[CCPA]%26coppa%3D0&partner=acuityads

107.23.13.97

204 No Content

0 B

URL
ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D[GDPR]%26gdpr_consent%3D[GDPR_CONSENT]%26ccpa%3D[CCPA]%26coppa%3D0&partner=acuityads
IP
107.23.13.97:0
ASN
#14618 AMAZON-AES

Certificate
IssuerAmazon
Subjectssp.disqus.com
FingerprintB7:96:BD:15:65:56:33:FE:02:3A:A7:8A:57:8F:70:4E:6A:F5:33:36
ValidityThu, 19 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D[GDPR]%26gdpr_consent%3D[GDPR_CONSENT]%26ccpa%3D[CCPA]%26coppa%3D0&partner=acuityads HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:37 GMT
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2

ssp.disqus.com/match?bidder=26&buyeruid=08191ad2-d17c-4b54-96e1-acc569a2a237

107.23.13.97

204 No Content

0 B

URL GET HTTP/2
ssp.disqus.com/match?bidder=26&buyeruid=08191ad2-d17c-4b54-96e1-acc569a2a237
IP
107.23.13.97:443
ASN
#14618 AMAZON-AES

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerAmazon
Subjectssp.disqus.com
FingerprintB7:96:BD:15:65:56:33:FE:02:3A:A7:8A:57:8F:70:4E:6A:F5:33:36
ValidityThu, 19 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder=26&buyeruid=08191ad2-d17c-4b54-96e1-acc569a2a237 HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:37 GMT
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2

prebid.admanmedia.com/pbjs

109.206.161.28

200 OK

2 B

URL
prebid.admanmedia.com/pbjs
IP
109.206.161.28:0
ASN
#50245 Serverel Inc.

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 768
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=CS334:1739011957089
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:38 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

prebid.axis-marketplace.com/pbjs

80.77.87.74

200 OK

2 B

URL POST HTTP/1.1
prebid.axis-marketplace.com/pbjs
IP
80.77.87.74:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.axis-marketplace.com
Fingerprint48:A1:B3:B7:84:2F:BD:CA:19:3B:7A:41:06:4E:4B:69:16:DD:FC:2A
ValidityWed, 31 Jul 2024 10:29:55 GMT - Mon, 01 Sep 2025 10:29:55 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.axis-marketplace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 770
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:38 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

static.21wiz.com/yasdk/vw.js?v5

172.67.214.3

200 OK

2.3 kB

URL GET HTTP/3
static.21wiz.com/yasdk/vw.js?v5
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
JavaScript source, ASCII text, with very long lines (1763)
Size
2.3 kB (2269 bytes)
Hash
7ec958a88c9505f60c162a1a502c0b65
c25efaee59541d70653aa72278437a55f33ee120
50b51a1c78d4911a0a86c061e07dd54aac82462c1cb1299dc197e2b3f22a6080

HTTP Headers

GET /yasdk/vw.js?v5 HTTP/1.1
Host: static.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:39 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 10:14:05 GMT
vary: Accept-Encoding
etag: W/"6762a06d-137e"
x-movieads-country: BY
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2153
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=CE6Uw8wfhaTM64SSu0cdXuNOcME2VHFSEshvQDHYcoI%2FhrxiG8mOAvx7qDEf%2FOCHijgh%2FwopcunqYUchBXftG3mchSOes5q2haGsiT37G7zrqEPNhnWDQGeYzDTv6dFspZUt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164ab1d410b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5777&min_rtt=1577&rtt_var=4835&sent=234&recv=92&lost=0&retrans=0&sent_bytes=196140&recv_bytes=24093&delivery_rate=41285&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=15831&x=1", cfExtPri, cfHdrFlush;dur=0

sync.vqserve.com/match/stream

87.242.104.235

302 Found

0 B

URL GET HTTP/1.1
sync.vqserve.com/match/stream
IP
87.242.104.235:443
ASN
#50340 JSC Selectel

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerSectigo Limited
Subject*.vqserve.com
FingerprintD7:B2:A2:51:6C:19:09:65:AB:29:3E:C2:8A:42:8E:E5:56:AE:46:1C
ValidityWed, 02 Oct 2024 00:00:00 GMT - Thu, 02 Oct 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match/stream HTTP/1.1
Host: sync.vqserve.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: rid=A1TGS2doidPqoJGVUWT74Z9aXd
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 01 Feb 2025 10:52:41 GMT
Content-Length: 0
Connection: keep-alive
Location: https://sm.rtb.mts.ru/p?ssp=viqeo&id=A1TGS2doidPqoJGVUWT74Z9aXd
Set-Cookie: rid=A1TGS2doidPqoJGVUWT74Z9aXd; expires=Mon, 03 Mar 2025 10:52:41 GMT; domain=vqserve.com; path=/; HttpOnly; secure; SameSite=None
Access-Control-Allow-Origin: *, *
Access-Control-Allow-Methods: GET, POST, OPTIONS
Access-Control-Allow-Headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
Access-Control-Allow-Credentials: true
Access-Control-Expose-Headers: Content-Length,Content-Range

endpoints.dochase.com/?seat=4EXVH4gKFKnbfFmXR3BT&token=L930bJe1QxXiGP13gcJN43FkOkh10PuQ&cb=1738407162.4664967&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&ip=91.90.42.154&w=400&h=225&url=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&domain=recipesalba.com&dnt=[DNT]&lon=[LOCATION_LON]&lat=[LOCATION_LAT]&cat=210&ref=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&make=[DEVICE_MAKE]&model=[DEVICE_MODEL]&osv=[OSV]&devicetype=[DEVICE_TYPE]&ccpa=[CCPA]&gdpr=1&api=[API]&ifa=[IFA]&carrier=[CARRIER]&maxduration=60&minduration=1&playerwidth=[PLAYER_WIDTH]&playerheight=[PLAYER_HEIGHT]&gdpr_consent=&publisher_id=[PID]&os=[OS]&schain=1.0!1!wizads.eu,502,1,30a79919-fa3c-26b8-d0cd-7f304b6dee24,&coppa=[COPPA]&ccpa_consent=[CCPA_CONSENT]

8.2.109.53

200 OK

21 B

URL GET HTTP/1.1
endpoints.dochase.com/?seat=4EXVH4gKFKnbfFmXR3BT&token=L930bJe1QxXiGP13gcJN43FkOkh10PuQ&cb=1738407162.4664967&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&ip=91.90.42.154&w=400&h=225&url=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&domain=recipesalba.com&dnt=[DNT]&lon=[LOCATION_LON]&lat=[LOCATION_LAT]&cat=210&ref=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&make=[DEVICE_MAKE]&model=[DEVICE_MODEL]&osv=[OSV]&devicetype=[DEVICE_TYPE]&ccpa=[CCPA]&gdpr=1&api=[API]&ifa=[IFA]&carrier=[CARRIER]&maxduration=60&minduration=1&playerwidth=[PLAYER_WIDTH]&playerheight=[PLAYER_HEIGHT]&gdpr_consent=&publisher_id=[PID]&os=[OS]&schain=1.0!1!wizads.eu,502,1,30a79919-fa3c-26b8-d0cd-7f304b6dee24,&coppa=[COPPA]&ccpa_consent=[CCPA_CONSENT]
IP
8.2.109.53:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGlobalSign nv-sa
Subject*.dochase.com
Fingerprint67:CF:80:F8:5A:15:36:52:0F:79:77:E0:B9:6F:2C:4B:63:70:E1:41
ValidityThu, 04 Jan 2024 12:17:10 GMT - Tue, 04 Feb 2025 12:17:09 GMT

File type
ASCII text, with no line terminators
Size
21 B (21 bytes)
Hash
13ac7a47804f191f7cbe9b50641403d8
32f847ad3e7ef2388d22268a5164b46cae07e593
64a76d85490bf923477d715fb998da7a59c66988a645d080e2436f40cb3190f6

HTTP Headers

GET /?seat=4EXVH4gKFKnbfFmXR3BT&token=L930bJe1QxXiGP13gcJN43FkOkh10PuQ&cb=1738407162.4664967&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%3B+rv%3A134.0%29+Gecko%2F20100101+Firefox%2F134.0&ip=91.90.42.154&w=400&h=225&url=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&domain=recipesalba.com&dnt=[DNT]&lon=[LOCATION_LON]&lat=[LOCATION_LAT]&cat=210&ref=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&make=[DEVICE_MAKE]&model=[DEVICE_MODEL]&osv=[OSV]&devicetype=[DEVICE_TYPE]&ccpa=[CCPA]&gdpr=1&api=[API]&ifa=[IFA]&carrier=[CARRIER]&maxduration=60&minduration=1&playerwidth=[PLAYER_WIDTH]&playerheight=[PLAYER_HEIGHT]&gdpr_consent=&publisher_id=[PID]&os=[OS]&schain=1.0!1!wizads.eu,502,1,30a79919-fa3c-26b8-d0cd-7f304b6dee24,&coppa=[COPPA]&ccpa_consent=[CCPA_CONSENT] HTTP/1.1
Host: endpoints.dochase.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:42 GMT
Content-Type: text/xml
Content-Length: 21
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload
X-Frame-Options: DENY

static.21wiz.com/yasdk/vw.js?v5

172.67.214.3

200 OK

382 kB

URL GET HTTP/3
static.21wiz.com/yasdk/vw.js?v5
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
gzip compressed data, from Unix
Size
382 kB (382436 bytes)
Hash
152e5dd4a531a94687925c16192ab875
9e9b1fce2745437dac883a64c19b7e2b9b34a935
e2dad2def2448c88d6a2a7159c2bf0338a316a7aa5bd5c718b6760781bd1dae0

HTTP Headers

GET /yasdk/vw.js?v5 HTTP/1.1
Host: static.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:41 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 10:14:05 GMT
vary: Accept-Encoding
etag: W/"6762a06d-137e"
x-movieads-country: BY
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2155
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=tCz3yykaBDJD8xMcp7WxKly6eRUBV7ChNCbMDa1fiQ30hD%2BkM5zobIB%2FOmlgcHgL3SJFok1Xh14bsMI66Jm5pG1y44IbUreXbt7W%2FSJp9GBI6xfxhioA1FLz7DlDUq%2BTcnA2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164b939240b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5575&min_rtt=1551&rtt_var=6355&sent=371&recv=148&lost=0&retrans=0&sent_bytes=307967&recv_bytes=36981&delivery_rate=160761&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=18113&x=1", cfExtPri, cfHdrFlush;dur=0

cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json

151.101.129.229

200 OK

831 B

URL
cdn.jsdelivr.net/gh/prebid/currency-file@1/latest.json
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
JSON text data
Size
831 B (831 bytes)
Hash
62c50fede3d40963e6bcf7bad05a3961
7d4189ac5632bc0d724f62c0e7348dcf2021154e
3722687fbc8935dc744aecf811883dbc2c0f654cb2a94e1b2cc76e0616cff072

HTTP Headers

GET /gh/prebid/currency-file@1/latest.json HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
content-length: 831
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json; charset=utf-8
x-jsd-version: 1.0.2318
x-jsd-version-type: version
etag: W/"636-fUGJrFYyvA1yT2LA5zSNzyAhFU4"
content-encoding: br
accept-ranges: bytes
date: Sat, 01 Feb 2025 10:52:43 GMT
age: 24708
x-served-by: cache-fra-eddf8230103-FRA, cache-hel1410034-HEL
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400

ml.pubcircle.ai/?c=o&m=initsets&d=739

80.77.86.40

200 OK

856 B

URL GET HTTP/1.1
ml.pubcircle.ai/?c=o&m=initsets&d=739
IP
80.77.86.40:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.pubcircle.ai
Fingerprint86:C7:16:9D:27:5E:60:98:4E:00:2D:85:D3:FE:21:45:DD:F5:2C:61
ValidityFri, 14 Jun 2024 10:06:25 GMT - Sat, 14 Jun 2025 10:05:43 GMT

File type
ASCII text, with very long lines (856), with no line terminators
Size
856 B (856 bytes)
Hash
017c6d42be4618b0095c488ed4e6ef12
8a807d8cbb9f8fcc1d8dc1d1b5efd98d88b93096
3d3e8cfd0dacd6443ec658f985985b7ad10724fbbe1dde76f32e059bd233a3cd

HTTP Headers

GET /?c=o&m=initsets&d=739 HTTP/1.1
Host: ml.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: text/plain
Content-Length: 856
Date: Sat, 01 Feb 2025 10:52:43 GMT
Connection: keep-alive
Keep-Alive: timeout=5

code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adcnnoutcr&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360

172.67.214.3

200 OK

77 B

URL GET HTTP/3
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adcnnoutcr&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
ASCII text, with no line terminators
Size
77 B (77 bytes)
Hash
2d02e1f6f7076a92bf5ec1003a7566ec
02ce8b2c9b4c38d5985c22f7bd875fd5ea990b59
c450d77e31164c0e658c38faccb3b50fdfe6b8e4ed691d75fcec60ccd2ad2ab3

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adcnnoutcr&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407147; 41rmads=1738407147; 119rmads=1738407147; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407147; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:42 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,74522
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 651rmads=1738407162; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OEmgRjBH2xasjo498OtaFMig4rPSfIq0AS2ccGqlZs1b2%2FRsDn0l%2B9XhgrhLd8t8n5mHXPc8vxMJmMUczuQTNuLAVjKBpFKRikvKjOEZDrRLXvBDu1Msd0vBaRSi7DlGFQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164bd5c710b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6413&min_rtt=1250&rtt_var=6447&sent=416&recv=179&lost=0&retrans=0&sent_bytes=337953&recv_bytes=48821&delivery_rate=51868&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=19175&x=1", cfExtPri, cfHdrFlush;dur=0

prebid.admanmedia.com/pbjs

109.206.161.28

200 OK

2 B

URL
prebid.admanmedia.com/pbjs
IP
109.206.161.28:0
ASN
#50245 Serverel Inc.

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 567
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=CS334:1739011957089
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:44 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

ml.pubcircle.ai/pxl.gif?c=e&m=rp&u=739&key=111

80.77.86.40

200 OK

35 B

URL
ml.pubcircle.ai/pxl.gif?c=e&m=rp&u=739&key=111
IP
80.77.86.40:0
ASN
#46636 NATCOWEB

File type
GIF image data, version 89a, 1 x 1
Size
35 B (35 bytes)
Hash
c2196de8ba412c60c22ab491af7b1409
5fbd472222feb8a22cf5b8aa5dc5b8e13af88e2b
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

HTTP Headers

GET /pxl.gif?c=e&m=rp&u=739&key=111 HTTP/1.1
Host: ml.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: image/gif
Cache-Control: no-cache, no-store, max-age=0, private, must-revalidate, proxy-revalidate
Date: Sat, 01 Feb 2025 10:52:44 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 35

code.21wiz.com/go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=adcny_br_cr&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f38aef44bedf9fac1&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030

172.67.214.3

200 OK

1.8 kB

URL
code.21wiz.com/go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=adcny_br_cr&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f38aef44bedf9fac1&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

File type
gzip compressed data, from Unix
Size
1.8 kB (1796 bytes)
Hash
295500a7c49cc31811a0aba695d95bf5
f9200b093e4b131678ff5c308903783a52dd7b8e
8fb7db77caadba2b108f4c9b468818a6674cae50f4a2d90130984f355b1b0db1

HTTP Headers

GET /go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=adcny_br_cr&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f38aef44bedf9fac1&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407147; 41rmads=1738407147; 119rmads=1738407147; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407147; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:41 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-wizads-path: /
x-wizads-referrer: https://recipesalba.com/
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,72180
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=xm6ubg6gnJI4S0XA7oklFSEVD2yYo%2FAS694WIEkriL%2B6%2BwB%2F3cbqXEzIjvkuTku%2B1b71OrYDY6RkA7hm3e4To6BEzjCDNcr3SvMd%2Bzmr17GC3paVQ3CH5UYx2wNzRsXotg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164b898ab0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4564&min_rtt=1551&rtt_var=4843&sent=365&recv=143&lost=0&retrans=0&sent_bytes=305507&recv_bytes=35686&delivery_rate=459854&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=18031&x=1", cfExtPri, cfHdrFlush;dur=0

static.21wiz.com/yasdk/vw.js?v5

172.67.214.3

200 OK

4.7 kB

URL GET HTTP/3
static.21wiz.com/yasdk/vw.js?v5
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
gzip compressed data, from Unix
Size
4.7 kB (4745 bytes)
Hash
603a0d80a19fc536e684c1a2fb6f9286
ff659c1f77d9af7ce6b2657b7983dc477ecaf69a
83eabf623b767534812a8b092a9d597411ea757729f92be9ed2c4457bfc2d222

HTTP Headers

GET /yasdk/vw.js?v5 HTTP/1.1
Host: static.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:39 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 10:14:05 GMT
vary: Accept-Encoding
etag: W/"6762a06d-137e"
x-movieads-country: BY
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2153
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=IKQD8kxoMiFhYbwjPXd%2BNnYr3IR15lHdfB0YNRhDhlKYdWS1bLCuvDx%2FgFRTGYcV8N2O6lU0Zv7RXACe7%2BgUyCeSxBta5I7aCW%2FHyQYcCmHEFRF2OmorcIHxx1626OMZSviu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164ac2e390b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6847&min_rtt=1577&rtt_var=7255&sent=242&recv=98&lost=0&retrans=0&sent_bytes=200753&recv_bytes=25426&delivery_rate=52149&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=16006&x=1", cfExtPri, cfHdrFlush;dur=0

ghb.console.adtarget.com.tr/v2/auction/

167.235.94.177

200 OK

329 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
167.235.94.177:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint22:D9:D6:E9:49:E3:E2:65:72:C3:89:D5:6C:35:16:C1:2C:64:21:0F
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT

File type
JSON text data
Size
329 B (329 bytes)
Hash
55ceeda18fe10504a1b1424fd6886223
c417832125c67c048a321bcf006dea34b07bbffd
e7e6cf0e27d543412c1d883cf5001be0476c66ba8d1c8b8393bbff2cea51e022

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 180
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: vmuid=f8ab35cd650acb90
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Sat, 01 Feb 2025 10:52:44 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 329
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/service.js

104.22.52.160

302 Found

12 kB

URL GET HTTP/2
fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/service.js
IP
104.22.52.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
data
Size
12 kB (12535 bytes)
Hash
c9142e65f8a92e39cee6319db93725df
823cac29a05698c2d084543a023c6ac306953d0e
a0f5d262ee36b24dd87eacff037ea716044651d2a3ec9f0dc4ad9b41d3d8ad34

HTTP Headers

GET /r/56d8e76109aad0c06895b24547622d1f/service.js HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
date: Sat, 01 Feb 2025 10:52:24 GMT
content-type: text/html; charset=iso-8859-1
location: https://fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 90b1644a5df856b4-OSL
X-Firefox-Spdy: h2

static.cdn.admatic.com.tr/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=

172.67.73.96

200 OK

3.0 kB

URL
static.cdn.admatic.com.tr/cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
IP
172.67.73.96:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
3.0 kB (3038 bytes)
Hash
6512206a5c89401d852d36e642b49ac9
9b112ebee43ae4746cc32a60dab34c812c2ec6eb
e4668a45ec082ca434802c058bce098f61389265800ac45d77952c88f1bf6d68

HTTP Headers

GET /cookie.html?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid= HTTP/1.1
Host: static.cdn.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.cdn.admatic.com.tr/
DNT: 1
Connection: keep-alive
Cookie: adplus_digital_id=0.dtqhamnu4p
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html
cdn-pullzone: 1905149
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
last-modified: Fri, 31 Jan 2025 20:54:20 GMT
cdn-storageserver: DE-677
cdn-fileserver: 971
cdn-proxyver: 1.19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2025 20:54:27
cdn-edgestorageid: 1049
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 0caeb1d5ead206390f1ee248e8f32c24
cdn-cache: HIT
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=n%2FdT5UnDaBZcOqldTicY%2BWmWA651Gt4QNfKMuagMvW6GN93TjV0XOxKlUFFdZCaTwsokbviXGz4u3wAd98ozkd1y7QauEvV8QjObdVZJuM5q5x6NKfchQFoHzuTiO7Sz8ZjQ30hhjzJKvSM%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b164707c5056ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5551&min_rtt=5372&rtt_var=2373&sent=14&recv=9&lost=0&retrans=0&sent_bytes=3816&recv_bytes=1668&delivery_rate=93890&cwnd=12000&unsent_bytes=0&cid=c262a84536ea9f52&ts=1057&x=1", cfExtPri, cfHdrFlush;dur=0

onetag-sys.com/usync/?cb=1738407164073

51.38.120.206

204 No Content

0 B

URL
onetag-sys.com/usync/?cb=1738407164073
IP
51.38.120.206:0
ASN
#16276 OVH SAS

Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /usync/?cb=1738407164073 HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
cache-control: no-store
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

cs.admanmedia.com/iframe?pbjs=1&coppa=0

80.77.87.162

200 OK

2.5 kB

URL GET HTTP/1.1
cs.admanmedia.com/iframe?pbjs=1&coppa=0
IP
80.77.87.162:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerSectigo Limited
Subject*.admanmedia.com
Fingerprint1C:48:88:CE:3F:35:F6:5C:88:3A:E9:8A:DA:4C:49:6F:F7:A4:07:32
ValidityWed, 15 May 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type
HTML document, ASCII text, with very long lines (11443), with no line terminators
Size
2.5 kB (2463 bytes)
Hash
093e174adb7573664b7db5f155faafb1
6000d1bf95286e5808b618fe560a18e5cc2540af
8ef62992280f186359573ea93417f1e0a5586cab4deab2a8241b22c8a58c20e5

HTTP Headers

GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=CS334:1739011957089
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:48 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:46 GMT;SameSite=None;Secure
ac_r=CS334:1739011957089; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:46 GMT;SameSite=None;Secure
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Encoding: gzip

s.ad.smaato.net/c/?dspInit=10002005&dspCookie=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]

143.204.55.53

204 No Content

0 B

URL GET HTTP/2
s.ad.smaato.net/c/?dspInit=10002005&dspCookie=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]
IP
143.204.55.53:443
ASN
#16509 AMAZON-02

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerAmazon
Subjects.ad.smaato.net
FingerprintF6:4E:26:28:6E:A1:9B:A8:BE:1A:00:57:E2:2E:73:1A:FC:7B:59:00
ValiditySun, 04 Aug 2024 00:00:00 GMT - Tue, 02 Sep 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/?dspInit=10002005&dspCookie=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT] HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: SCM=289e8a80b0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: CloudFront
date: Sat, 01 Feb 2025 10:52:48 GMT
cache-control: no-cache, must-revalidate
x-cache: Miss from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3B1jXUkvBKoWHNVtf2OsOJfH8wU0kJeB1QPxmEWQJnZ2sWT0_HH-cQ==
X-Firefox-Spdy: h2

prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&cb=https%3A%2F%2Fcs.admanmedia.com%2Fede3a686301e61ba2f7fc21a8866ca16.gif%3Fpuid%3D

163.5.194.35

302 Found

0 B

URL GET HTTP/2
prebid.a-mo.net/cchain/0?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&cb=https%3A%2F%2Fcs.admanmedia.com%2Fede3a686301e61ba2f7fc21a8866ca16.gif%3Fpuid%3D
IP
163.5.194.35:443
ASN
#60558 Phoenix Nap, LLC.

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerLet's Encrypt
Subject*.a-mo.net
FingerprintA8:82:42:F7:B7:69:5C:8C:D2:11:72:33:75:C9:2D:8D:79:25:8C:B4
ValidityTue, 31 Dec 2024 09:46:04 GMT - Mon, 31 Mar 2025 09:46:03 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cchain/0?gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&us_privacy=[CCPA]&cb=https%3A%2F%2Fcs.admanmedia.com%2Fede3a686301e61ba2f7fc21a8866ca16.gif%3Fpuid%3D HTTP/1.1
Host: prebid.a-mo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 302 Found
cache-control: max-age=0, private, must-revalidate
content-length: 0
date: Sat, 01 Feb 2025 10:52:47 GMT
location: https://cs.admanmedia.com/ede3a686301e61ba2f7fc21a8866ca16.gif?puid=
server: envoy
vary: accept-encoding
x-envoy-upstream-service-time: 0
X-Firefox-Spdy: h2

csync.loopme.me/?partner_id=1454&uid=08191ad2-d17c-4b54-96e1-acc569a2a237

34.1.237.230

204 No Content

0 B

URL
csync.loopme.me/?partner_id=1454&uid=08191ad2-d17c-4b54-96e1-acc569a2a237
IP
34.1.237.230:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?partner_id=1454&uid=08191ad2-d17c-4b54-96e1-acc569a2a237 HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: viewer_token=36c93dc1-5a6b-4083-8488-90eb302b022d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 204 No Content
set-cookie: viewer_token=36c93dc1-5a6b-4083-8488-90eb302b022d; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Thu, 01-May-2025 10:52:48 GMT; SameSite=None
date: Sat, 01 Feb 2025 10:52:48 GMT
server: _
X-Firefox-Spdy: h2

cs.pubcircle.ai/iframe?pbjs=1&coppa=0

80.77.86.40

200 OK

0 B

URL GET HTTP/1.1
cs.pubcircle.ai/iframe?pbjs=1&coppa=0
IP
80.77.86.40:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.pubcircle.ai
Fingerprint86:C7:16:9D:27:5E:60:98:4E:00:2D:85:D3:FE:21:45:DD:F5:2C:61
ValidityFri, 14 Jun 2024 10:06:25 GMT - Sat, 14 Jun 2025 10:05:43 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Content-Type: text/html
Content-Length: 0
Date: Sat, 01 Feb 2025 10:52:48 GMT
Connection: keep-alive
Keep-Alive: timeout=5

csync.loopme.me/?pubid=11386&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redirect=https%3A%2F%2Fcs.admanmedia.com%2Ffaede4ab85d3e6a67af5e526adfe3e99.gif%3Fpuid%3D%7Bviewer_token%7D

34.1.237.230

307 Temporary Redirect

0 B

URL GET HTTP/2
csync.loopme.me/?pubid=11386&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redirect=https%3A%2F%2Fcs.admanmedia.com%2Ffaede4ab85d3e6a67af5e526adfe3e99.gif%3Fpuid%3D%7Bviewer_token%7D
IP
34.1.237.230:443
ASN
#15169 GOOGLE

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerLet's Encrypt
Subjectloopme.com
Fingerprint7E:E6:51:07:B1:4A:13:13:19:66:0F:4D:FB:40:8C:4E:CA:74:20:51
ValidityFri, 03 Jan 2025 08:49:40 GMT - Thu, 03 Apr 2025 08:49:39 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /?pubid=11386&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redirect=https%3A%2F%2Fcs.admanmedia.com%2Ffaede4ab85d3e6a67af5e526adfe3e99.gif%3Fpuid%3D%7Bviewer_token%7D HTTP/1.1
Host: csync.loopme.me
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: viewer_token=36c93dc1-5a6b-4083-8488-90eb302b022d
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 307 Temporary Redirect
set-cookie: viewer_token=36c93dc1-5a6b-4083-8488-90eb302b022d; path=/; domain=csync.loopme.me; secure; HttpOnly; Expires=Thu, 01-May-2025 10:52:48 GMT; SameSite=None
location: https://cs.admanmedia.com/faede4ab85d3e6a67af5e526adfe3e99.gif?puid=36c93dc1-5a6b-4083-8488-90eb302b022d&gdpr_consent=[GDPR_CONSENT]&gdpr=[GDPR]
content-length: 0
date: Sat, 01 Feb 2025 10:52:48 GMT
server: _
X-Firefox-Spdy: h2

s.ad.smaato.net/c/?adExInit=ILLU&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcs.admanmedia.com%2F2d3a53bfd5e6a5d474cb0cccf071882f.gif%3Fpuid%3D%24UID

143.204.55.53

204 No Content

0 B

URL
s.ad.smaato.net/c/?adExInit=ILLU&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcs.admanmedia.com%2F2d3a53bfd5e6a5d474cb0cccf071882f.gif%3Fpuid%3D%24UID
IP
143.204.55.53:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /c/?adExInit=ILLU&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&redir=https%3A%2F%2Fcs.admanmedia.com%2F2d3a53bfd5e6a5d474cb0cccf071882f.gif%3Fpuid%3D%24UID HTTP/1.1
Host: s.ad.smaato.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: SCM=289e8a80b0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
server: CloudFront
date: Sat, 01 Feb 2025 10:52:46 GMT
cache-control: no-cache, must-revalidate
x-cache: Hit from cloudfront
via: 1.1 a034aae43a19aef875fa395182990970.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ewlj5WlikrZ64G795dRwWKiB9pce3wyBRZdyrXr9qpF3a0Mag9JizA==
age: 2
X-Firefox-Spdy: h2

sync.vistarsagency.com/match/illumin?id=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0

95.216.70.52

200 OK

43 B

URL
sync.vistarsagency.com/match/illumin?id=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0
IP
95.216.70.52:0
ASN
#24940 Hetzner Online GmbH

File type
GIF image data, version 89a, 1 x 1
Size
43 B (43 bytes)
Hash
07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

HTTP Headers

GET /match/illumin?id=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0 HTTP/1.1
Host: sync.vistarsagency.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:48 GMT
content-type: image/gif
content-length: 43
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2

us.ck-ie.com/act639.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&redir=https%3A%2F%2Fcs.admanmedia.com%2F62b6430e25b8b4664ae1c16e6d571926.gif%3Fpuid%3D%7B%24PARTNER_UID%7D

8.2.110.70

204 No Content

0 B

URL
us.ck-ie.com/act639.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&redir=https%3A%2F%2Fcs.admanmedia.com%2F62b6430e25b8b4664ae1c16e6d571926.gif%3Fpuid%3D%7B%24PARTNER_UID%7D
IP
8.2.110.70:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /act639.gif?gdpr=[GDPR]&gdpr_consent=[GDPR_Consent]&us_privacy=[CCPA]&coppa=0&redir=https%3A%2F%2Fcs.admanmedia.com%2F62b6430e25b8b4664ae1c16e6d571926.gif%3Fpuid%3D%7B%24PARTNER_UID%7D HTTP/1.1
Host: us.ck-ie.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Server: nginx
Date: Sat, 01 Feb 2025 10:52:48 GMT
Content-Type: text/plain
Connection: keep-alive

www.temu.com/api/adx/cm/pixel-admanmedia?adx_uid=08191ad2-d17c-4b54-96e1-acc569a2a237

172.64.144.50

200 OK

0 B

URL
www.temu.com/api/adx/cm/pixel-admanmedia?adx_uid=08191ad2-d17c-4b54-96e1-acc569a2a237
IP
172.64.144.50:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /api/adx/cm/pixel-admanmedia?adx_uid=08191ad2-d17c-4b54-96e1-acc569a2a237 HTTP/1.1
Host: www.temu.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: __cf_bm=w17KVWXXW_iAQl.iSz2OIIdiSDXddeBB7Etq_qdEMg0-1738407156-1.0.1.1-BDUwMBgpeeVxPGcCaRNkW2yWFHlXT4.3WHUrYCECE0naejNcWvhMfiqOcbTwqp.EbsvVOz5Qb0wOaU4s62cZ7Q
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:48 GMT
content-length: 0
x-gateway-request-id: 1738407168616-8f6e92a56e876dafbb2189b8d68a23be
strict-transport-security: max-age=31536000
content-security-policy-report-only: default-src 'none';script-src 'report-sample';report-uri /api/sec-csp/110000007/sec-gif
yak-timeinfo: 1738407168616|2
set-cookie: api_uid=CnAolGed/QCe3gBWzZihAg==; expires=Sun, 01-Feb-26 10:52:48 GMT; domain=.temu.com; path=/; secure
cip: 91.90.42.154
alt-svc: h3=":443"; ma=86400
cf-cache-status: DYNAMIC
priority: u=4,i=?0
server: cloudflare
cf-ray: 90b164e379660b41-OSL
server-timing: cfExtPri

sync.adprime.com/30fcd873bc6135c435d7bb084fc3b04c.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]

8.2.110.13

204 No Content

0 B

URL GET HTTP/1.1
sync.adprime.com/30fcd873bc6135c435d7bb084fc3b04c.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]
IP
8.2.110.13:443
ASN
#46636 NATCOWEB

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerLet's Encrypt
Subjectdelta.adprime.com
Fingerprint1A:83:65:F3:7C:DE:4A:CF:56:9E:B9:89:6F:60:31:DA:AF:1A:0B:0D
ValidityFri, 31 Jan 2025 05:47:25 GMT - Thu, 01 May 2025 05:47:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /30fcd873bc6135c435d7bb084fc3b04c.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED] HTTP/1.1
Host: sync.adprime.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: usr=8e8ebf6d-5c75-4f38-9164-044cec45f919; adprime_r=15
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 204 No Content
Set-Cookie: usr=8e8ebf6d-5c75-4f38-9164-044cec45f919; path=/; domain=.adprime.com; expires=Sat, 15 Feb 2025 10:52:48 GMT;SameSite=None;Secure
adprime_r=15; path=/; domain=.adprime.com; expires=Sat, 15 Feb 2025 10:52:48 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Date: Sat, 01 Feb 2025 10:52:48 GMT
Connection: keep-alive
Keep-Alive: timeout=5

sync.colossusssp.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]

172.240.155.108

200 OK

42 B

URL GET HTTP/1.1
sync.colossusssp.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]
IP
172.240.155.108:443
ASN
#7979 SERVERS-COM

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerGoDaddy.com, Inc.
Subject*.colossusssp.com
Fingerprint59:63:78:1E:33:71:DC:CF:6F:27:50:35:C4:3A:C8:FE:2A:C8:9E:77
ValiditySun, 08 Sep 2024 14:24:37 GMT - Fri, 10 Oct 2025 14:24:37 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED] HTTP/1.1
Host: sync.colossusssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: gtm_usr=8182ced0-b7ad-44ea-b31b-cf573fc082d6; lmg_r=97
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:48 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: gtm_usr=8182ced0-b7ad-44ea-b31b-cf573fc082d6; path=/; domain=.colossusssp.com; expires=Sun, 01 Feb 2026 10:52:48 GMT;SameSite=None;Secure
lmg_r=97; path=/; domain=.colossusssp.com; expires=Sun, 01 Feb 2026 10:52:48 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

cs.playdigo.com/57c9cdd82c01aa0e2fc57f1863c43aba.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0

80.77.85.111

302 Found

0 B

URL
cs.playdigo.com/57c9cdd82c01aa0e2fc57f1863c43aba.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0
IP
80.77.85.111:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /57c9cdd82c01aa0e2fc57f1863c43aba.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0 HTTP/1.1
Host: cs.playdigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: pd_key=e84f0068-56ba-476b-92cc-f0e0ca0e33f6; pb_red=17
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Set-Cookie: pd_key=e84f0068-56ba-476b-92cc-f0e0ca0e33f6; path=/; domain=.playdigo.com; expires=Sat, 15 Feb 2025 10:52:48 GMT;SameSite=None;Secure
pb_red=17; path=/; domain=.playdigo.com; expires=Sat, 15 Feb 2025 10:52:48 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://ads.stickyadstv.com/user-matching?id=3712&_fw_gdpr=[GDPR]&_fw_gdpr_consent=[GDPR_CONSENT]
Date: Sat, 01 Feb 2025 10:52:48 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

cs.admanmedia.com/ede3a686301e61ba2f7fc21a8866ca16.gif?puid=

80.77.87.162

302 Found

0 B

URL
cs.admanmedia.com/ede3a686301e61ba2f7fc21a8866ca16.gif?puid=
IP
80.77.87.162:0
ASN
#46636 NATCOWEB

Certificate
IssuerSectigo Limited
Subject*.admanmedia.com
Fingerprint1C:48:88:CE:3F:35:F6:5C:88:3A:E9:8A:DA:4C:49:6F:F7:A4:07:32
ValidityWed, 15 May 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ede3a686301e61ba2f7fc21a8866ca16.gif?puid= HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=CS334:1739011957089
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 01 Feb 2025 10:52:48 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:45 GMT;SameSite=None;Secure
ac_r=CS322:1739011968827; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:45 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=14558&endpoint=us-east

80.77.84.96

302 Found

0 B

URL
csync.copper6.com/41c1a65ad089ea94db1baec942f4daf6.gif?redir=https%3A%2F%2Fcs.admanmedia.com%2F4d8423f77f689cf43a5b68eb9e4008fb.gif%3Fpuid%3D08191ad2-d17c-4b54-96e1-acc569a2a237%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0
IP
80.77.84.96:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /41c1a65ad089ea94db1baec942f4daf6.gif?redir=https%3A%2F%2Fcs.admanmedia.com%2F4d8423f77f689cf43a5b68eb9e4008fb.gif%3Fpuid%3D08191ad2-d17c-4b54-96e1-acc569a2a237%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0 HTTP/1.1
Host: csync.copper6.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: co_key=345cbc34-04c0-42a3-a110-b6079178964f; co_red=22
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Set-Cookie: co_key=345cbc34-04c0-42a3-a110-b6079178964f; path=/; domain=.copper6.com; expires=Sat, 15 Feb 2025 10:52:48 GMT;SameSite=None;Secure
co_red=22; path=/; domain=.copper6.com; expires=Sat, 15 Feb 2025 10:52:48 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://cs.admanmedia.com/4d8423f77f689cf43a5b68eb9e4008fb.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0
Date: Sat, 01 Feb 2025 10:52:48 GMT
Connection: keep-alive
Keep-Alive: timeout=5
Content-Length: 0

cs.pgammedia.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&coppa=0&gpp=[GPP]&gpp_sid=[GPP_SID]

80.77.87.200

302 Found

0 B

URL
cs.pgammedia.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&coppa=0&gpp=[GPP]&gpp_sid=[GPP_SID]
IP
80.77.87.200:0
ASN
#46636 NATCOWEB

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&coppa=0&gpp=[GPP]&gpp_sid=[GPP_SID] HTTP/1.1
Host: cs.pgammedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Cookie: pgam_uid=e6a220ba-28c1-428e-9794-381a2a6cf820; pgam_red=39
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx/1.20.2
Date: Sat, 01 Feb 2025 10:52:48 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: pgam_uid=e6a220ba-28c1-428e-9794-381a2a6cf820; path=/; domain=.pgammedia.com; expires=Sat, 15 Feb 2025 10:52:48 GMT;SameSite=None;Secure
pgam_red=39; path=/; domain=.pgammedia.com; expires=Sat, 15 Feb 2025 10:52:48 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=D0icIOZqSf&consentString=[consentString]&r=[RED]

cs.admanmedia.com/faede4ab85d3e6a67af5e526adfe3e99.gif?puid=36c93dc1-5a6b-4083-8488-90eb302b022d&gdpr_consent=[GDPR_CONSENT]&gdpr=[GDPR]

80.77.87.162

302 Found

0 B

URL
cs.admanmedia.com/faede4ab85d3e6a67af5e526adfe3e99.gif?puid=36c93dc1-5a6b-4083-8488-90eb302b022d&gdpr_consent=[GDPR_CONSENT]&gdpr=[GDPR]
IP
80.77.87.162:0
ASN
#46636 NATCOWEB

Certificate
IssuerSectigo Limited
Subject*.admanmedia.com
Fingerprint1C:48:88:CE:3F:35:F6:5C:88:3A:E9:8A:DA:4C:49:6F:F7:A4:07:32
ValidityWed, 15 May 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /faede4ab85d3e6a67af5e526adfe3e99.gif?puid=36c93dc1-5a6b-4083-8488-90eb302b022d&gdpr_consent=[GDPR_CONSENT]&gdpr=[GDPR] HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=CS334:1739011957089
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 01 Feb 2025 10:52:48 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:45 GMT;SameSite=None;Secure
ac_r=CS143:1739011968931; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:45 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://sync.colossusssp.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]

cs.admanmedia.com/4d8423f77f689cf43a5b68eb9e4008fb.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0

80.77.87.162

302 Found

0 B

URL
cs.admanmedia.com/4d8423f77f689cf43a5b68eb9e4008fb.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0
IP
80.77.87.162:0
ASN
#46636 NATCOWEB

Certificate
IssuerSectigo Limited
Subject*.admanmedia.com
Fingerprint1C:48:88:CE:3F:35:F6:5C:88:3A:E9:8A:DA:4C:49:6F:F7:A4:07:32
ValidityWed, 15 May 2024 00:00:00 GMT - Thu, 15 May 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /4d8423f77f689cf43a5b68eb9e4008fb.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&ccpa=[CCPA]&coppa=0 HTTP/1.1
Host: cs.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=CS322:1739011968827
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 302 Found
Server: nginx
Date: Sat, 01 Feb 2025 10:52:49 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:46 GMT;SameSite=None;Secure
ac_r=CS334:1739011969035; path=/; domain=.admanmedia.com; expires=Sat, 08 Feb 2025 10:19:46 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Location: https://visitor-illumin.omnitagjs.com/visitor/bsync?uid=608be693800d6d40634477ae78cceb24&name=illumin&gdpr=[GDPR]&gdpr_consent=[GDPR_CONSENT]&url=https%3A%2F%2Fcs.admanmedia.com%2F74172f4003ebedcfe885c499b6e819fd.gif%3Fpuid%3DPARTNER_USER_ID%26gdpr%3D[GDPR]%26gdpr_consent%3D[GDPR_CONSENT]

sync.colossusssp.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]

172.240.155.108

200 OK

42 B

URL GET HTTP/1.1
sync.colossusssp.com/41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED]
IP
172.240.155.108:443
ASN
#7979 SERVERS-COM

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerGoDaddy.com, Inc.
Subject*.colossusssp.com
Fingerprint59:63:78:1E:33:71:DC:CF:6F:27:50:35:C4:3A:C8:FE:2A:C8:9E:77
ValiditySun, 08 Sep 2024 14:24:37 GMT - Fri, 10 Oct 2025 14:24:37 GMT

File type
GIF image data, version 89a, 1 x 1
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /41c1a65ad089ea94db1baec942f4daf6.gif?puid=08191ad2-d17c-4b54-96e1-acc569a2a237&redir=[RED] HTTP/1.1
Host: sync.colossusssp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cs.admanmedia.com/
DNT: 1
Connection: keep-alive
Cookie: gtm_usr=8182ced0-b7ad-44ea-b31b-cf573fc082d6; lmg_r=97
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:49 GMT
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
Set-Cookie: gtm_usr=8182ced0-b7ad-44ea-b31b-cf573fc082d6; path=/; domain=.colossusssp.com; expires=Sun, 01 Feb 2026 10:52:49 GMT;SameSite=None;Secure
lmg_r=97; path=/; domain=.colossusssp.com; expires=Sun, 01 Feb 2026 10:52:49 GMT;SameSite=None;Secure
Cache-Control: no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: 0
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

onetag-sys.com/prebid-request

51.38.120.206

200 OK

41 B

URL POST HTTP/2
onetag-sys.com/prebid-request
IP
51.38.120.206:443
ASN
#16276 OVH SAS

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerDigiCert Inc
Subject*.onetag-sys.com
Fingerprint26:2D:63:1A:A7:C6:41:9C:A2:F5:39:CB:C4:F2:77:55:75:D9:90:82
ValidityTue, 21 Jan 2025 00:00:00 GMT - Sat, 27 Dec 2025 23:59:59 GMT

File type
JSON text data
Size
41 B (41 bytes)
Hash
c6a1847e6d7bb4295ecdae2664affb5d
b332217021c4a707f950ebc9294cda83cb2eb77f
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

HTTP Headers

POST /prebid-request HTTP/1.1
Host: onetag-sys.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 1699
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: https://recipesalba.com
access-control-allow-headers: content-type, origin, referer, user-agent
access-control-allow-credentials: true
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control: no-transform, no-cache
content-type: application/json
content-encoding: gzip
content-length: 41
strict-transport-security: max-age=15552000
alt-svc: h3=":443"; ma=900, h3-29=":443"; ma=900
X-Firefox-Spdy: h2

prebid.admanmedia.com/pbjs

109.206.161.28

200 OK

2 B

URL
prebid.admanmedia.com/pbjs
IP
109.206.161.28:0
ASN
#50245 Serverel Inc.

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.admanmedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 568
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: admtr=08191ad2-d17c-4b54-96e1-acc569a2a237; ac_r=CS334:1739011969035
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:49 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

prebid.axis-marketplace.com/pbjs

80.77.87.74

200 OK

2 B

URL POST HTTP/1.1
prebid.axis-marketplace.com/pbjs
IP
80.77.87.74:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.axis-marketplace.com
Fingerprint48:A1:B3:B7:84:2F:BD:CA:19:3B:7A:41:06:4E:4B:69:16:DD:FC:2A
ValidityWed, 31 Jul 2024 10:29:55 GMT - Mon, 01 Sep 2025 10:29:55 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: prebid.axis-marketplace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 569
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Date: Sat, 01 Feb 2025 10:52:49 GMT
Content-Type: application/json
Content-Length: 2
Connection: keep-alive
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true

ghb.console.adtarget.com.tr/v2/auction/

167.235.94.177

200 OK

331 B

URL POST HTTP/1.1
ghb.console.adtarget.com.tr/v2/auction/
IP
167.235.94.177:443
ASN
#24940 Hetzner Online GmbH

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerZeroSSL
Subjectghb.console.adtarget.com.tr
Fingerprint22:D9:D6:E9:49:E3:E2:65:72:C3:89:D5:6C:35:16:C1:2C:64:21:0F
ValidityFri, 24 Jan 2025 00:00:00 GMT - Thu, 24 Apr 2025 23:59:59 GMT

File type
JSON text data
Size
331 B (331 bytes)
Hash
3ab246c6c7dc59be55a1bf484e763e65
3602c05455b42d4cafa4fde326f39c76a199ffd2
b05a98b93a5c6fd69e09ba17c77df08e4b4ee9eb80d3d3ef933876863a3f42a0

HTTP Headers

POST /v2/auction/ HTTP/1.1
Host: ghb.console.adtarget.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 182
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: vmuid=f8ab35cd650acb90
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: Adtarget
Date: Sat, 01 Feb 2025 10:52:48 GMT
Content-Type: application/json; charset=UTF-8
Content-Length: 331
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Connection: Keep-Alive
Permissions-Policy: browsing-topics=()
X-Robots-Tag: noindex
Content-Encoding: gzip

107.23.13.97

204 No Content

0 B

URL GET HTTP/2
ssp.disqus.com/redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0&partner=acuityads
IP
107.23.13.97:443
ASN
#14618 AMAZON-AES

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerAmazon
Subjectssp.disqus.com
FingerprintB7:96:BD:15:65:56:33:FE:02:3A:A7:8A:57:8F:70:4E:6A:F5:33:36
ValidityThu, 19 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /redirectuser?r=https%3A%2F%2Fcs.admanmedia.com%2F7df8d99918d2854384fc4c2d197ec3ff.gif%3Fpuid%3D%24UID%26redir%3D%5BRED%5D%26gdpr%3D%5BGDPR%5D%26gdpr_consent%3D%5BGDPR_CONSENT%5D%26ccpa%3D%5BCCPA%5D%26coppa%3D0&partner=acuityads HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:49 GMT
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2

ssp.disqus.com/match?bidder=26&buyeruid=08191ad2-d17c-4b54-96e1-acc569a2a237

107.23.13.97

204 No Content

0 B

URL GET HTTP/2
ssp.disqus.com/match?bidder=26&buyeruid=08191ad2-d17c-4b54-96e1-acc569a2a237
IP
107.23.13.97:443
ASN
#14618 AMAZON-AES

Requested by
https://cs.admanmedia.com/iframe?pbjs=1&coppa=0
Certificate
IssuerAmazon
Subjectssp.disqus.com
FingerprintB7:96:BD:15:65:56:33:FE:02:3A:A7:8A:57:8F:70:4E:6A:F5:33:36
ValidityThu, 19 Sep 2024 00:00:00 GMT - Fri, 17 Oct 2025 23:59:59 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /match?bidder=26&buyeruid=08191ad2-d17c-4b54-96e1-acc569a2a237 HTTP/1.1
Host: ssp.disqus.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://cs.admanmedia.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 204 No Content
date: Sat, 01 Feb 2025 10:52:49 GMT
cache-control: no-store
pragma: no-cache
expires: 0
X-Firefox-Spdy: h2

ml.pubcircle.ai/pbjs

80.77.86.40

200 OK

2 B

URL POST HTTP/1.1
ml.pubcircle.ai/pbjs
IP
80.77.86.40:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.pubcircle.ai
Fingerprint86:C7:16:9D:27:5E:60:98:4E:00:2D:85:D3:FE:21:45:DD:F5:2C:61
ValidityFri, 14 Jun 2024 10:06:25 GMT - Sat, 14 Jun 2025 10:05:43 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: ml.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 566
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Content-Type: application/json
Connection: keep-alive
Content-Length: 2
Date: Sat, 01 Feb 2025 10:52:49 GMT

static.21wiz.com/mp_dist/protect_trackmaster.js?v1736414860411

172.67.214.3

200 OK

868 B

URL
static.21wiz.com/mp_dist/protect_trackmaster.js?v1736414860411
IP
172.67.214.3:0
ASN
#13335 CLOUDFLARENET

Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
gzip compressed data, from Unix
Size
868 B (868 bytes)
Hash
f6c71ab137f6a2718fc6c640f0cc048f
0e0f5803dc0dfbde1121aa05595edef3ea30451f
3a82f883dd23c0bc3d2ee15ae5a4af002d038084c1f5a5f406b28057f0fc62e3

HTTP Headers

GET /mp_dist/protect_trackmaster.js?v1736414860411 HTTP/1.1
Host: static.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:41 GMT
content-type: application/javascript
last-modified: Fri, 31 Jan 2025 13:07:22 GMT
vary: Accept-Encoding
etag: W/"679ccb0a-371"
x-movieads-country: NO
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-max-age: 1728000
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2748
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=uqRLGxjNaXNHwidasxUiSJEEPf1sKUrjCNYfe56qD09W8vMHhZsmYsEtVOm69reWh7KuTLhY%2BW5rDS5u3CaqGrWm0L7O9NQmXiIz%2B7FayOKDtAwMzHu3bUt2ZuQyJg%2B0iTCi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164b898a50b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5485&min_rtt=1551&rtt_var=5773&sent=363&recv=141&lost=0&retrans=0&sent_bytes=304214&recv_bytes=35595&delivery_rate=49278&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=17996&x=1", cfExtPri, cfHdrFlush;dur=0

ml.pubcircle.ai/pbjs

80.77.86.40

200 OK

2 B

URL POST HTTP/1.1
ml.pubcircle.ai/pbjs
IP
80.77.86.40:443
ASN
#46636 NATCOWEB

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoDaddy.com, Inc.
Subject*.pubcircle.ai
Fingerprint86:C7:16:9D:27:5E:60:98:4E:00:2D:85:D3:FE:21:45:DD:F5:2C:61
ValidityFri, 14 Jun 2024 10:06:25 GMT - Sat, 14 Jun 2025 10:05:43 GMT

File type
JSON text data
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

POST /pbjs HTTP/1.1
Host: ml.pubcircle.ai
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
content-type: text/plain
Content-Length: 767
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://recipesalba.com
Access-Control-Allow-Credentials: true
Content-Type: application/json
Connection: keep-alive
Content-Length: 2
Date: Sat, 01 Feb 2025 10:52:51 GMT

static.21wiz.com/yasdk/vw.js?v5

172.67.214.3

200 OK

1.4 kB

URL GET HTTP/3
static.21wiz.com/yasdk/vw.js?v5
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
JavaScript source, ASCII text
Size
1.4 kB (1403 bytes)
Hash
a66622b8397cb5b7eaeaf6be478ab248
dcb7cac9fd4c1f6b49c07531c37e3beb2b650c47
b390ac77cce9e350e49587c179849066c8af3bbd692a686a14242532ed5a98a1

HTTP Headers

GET /yasdk/vw.js?v5 HTTP/1.1
Host: static.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:52 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 10:14:05 GMT
vary: Accept-Encoding
etag: W/"6762a06d-137e"
x-movieads-country: BY
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2166
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=bM5UwlRyYdXyVaUQQQ98nnd8j5sdMf3Qq422htxHox4Ddsg0xbRX%2BFjim87iKUiV1aGjzWmOXSAOpWFFyz99PvjFOgQxXWn8zjxFqTffTg8SmJrcPvCXS36fSewLUJlDnOVN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164f94d2e0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5132&min_rtt=1250&rtt_var=4734&sent=423&recv=185&lost=0&retrans=0&sent_bytes=342127&recv_bytes=50152&delivery_rate=51015&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=28347&x=1", cfExtPri, cfHdrFlush;dur=0

static.21wiz.com/yasdk/vw.js?v5

172.67.214.3

200 OK

1.4 kB

URL GET HTTP/3
static.21wiz.com/yasdk/vw.js?v5
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
JavaScript source, ASCII text
Size
1.4 kB (1403 bytes)
Hash
a66622b8397cb5b7eaeaf6be478ab248
dcb7cac9fd4c1f6b49c07531c37e3beb2b650c47
b390ac77cce9e350e49587c179849066c8af3bbd692a686a14242532ed5a98a1

HTTP Headers

GET /yasdk/vw.js?v5 HTTP/1.1
Host: static.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:52 GMT
content-type: application/javascript
last-modified: Wed, 18 Dec 2024 10:14:05 GMT
vary: Accept-Encoding
etag: W/"6762a06d-137e"
x-movieads-country: BY
content-encoding: gzip
cache-control: max-age=14400
cf-cache-status: HIT
age: 2166
priority: u=2,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=7knp%2BCJMh0p2r4wPt17Vpt88nm%2BlYAe%2FPN61fGEoFash%2B8rSqXe%2B683OyK0O%2BPCZBygf72aFlGkHyw3A8DxL8PwnU9sZJBwTbdQvbR96pg4CtrAiYzeG7bbUsJnPc9RJihmE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164fade7f0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6399&min_rtt=1250&rtt_var=7259&sent=429&recv=191&lost=0&retrans=0&sent_bytes=345451&recv_bytes=51486&delivery_rate=51872&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=28592&x=1", cfExtPri, cfHdrFlush;dur=0

go-sync.adxpremium.services/static/setuid.html?bidder=luponmedia&uid=GET&redirect_url=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dluponmedia%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D

104.22.51.178

200 OK

819 B

URL
go-sync.adxpremium.services/static/setuid.html?bidder=luponmedia&uid=GET&redirect_url=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dluponmedia%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D
IP
104.22.51.178:0
ASN
#13335 CLOUDFLARENET

File type
HTML document, ASCII text
Size
819 B (819 bytes)
Hash
6bb35d336686aa98a404c747060daa79
6a178058ac18bac6e3f5bc8ace7b2908cc5769fd
e4143e1beb0d7f07f5a5cb9dc747674ef049dc37d7f414fb170249da0d2961d4

HTTP Headers

GET /static/setuid.html?bidder=luponmedia&uid=GET&redirect_url=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dluponmedia%26gdpr%3D0%26gdpr_consent%3D%26f%3Di%26uid%3D HTTP/1.1
Host: go-sync.adxpremium.services
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.cdn.admatic.com.tr/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html; charset=utf-8
last-modified: Tue, 07 Jan 2025 13:40:26 GMT
cache-control: max-age=14400
cf-cache-status: HIT
age: 1066316
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b164701c8e56c6-OSL
content-encoding: br
X-Firefox-Spdy: h2

fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba

104.22.52.160

200 OK

191 kB

URL GET HTTP/2
fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba
IP
104.22.52.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (36331)
Size
191 kB (191355 bytes)
Hash
44891a49b3234615829ce93bb17a1e01
06395b274041bcd108bd77527de34422ec23e54f
c0f9147cdd32c47a89fe952ba7926d500f7d32358b7b6c3ff320892bd4fef71f

HTTP Headers

GET /r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Jan 2025 12:21:14 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 90b1644c1fe756b4-OSL
X-Firefox-Spdy: h2

logger.21wiz.com/logger?v=480a3786f25b10cc21aadc157c93c886&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&t=player_init&a=&m=%7B%22vis%22%3A100%2C%22dv%22%3Atrue%2C%22jmap%22%3A10%2C%22blen%22%3A1%2C%22bounds%22%3A%7B%22x%22%3A0%2C%22y%22%3A0%2C%22width%22%3A400%2C%22height%22%3A225%2C%22top%22%3A0%2C%22right%22%3A400%2C%22bottom%22%3A225%2C%22left%22%3A0%7D%7D&o=&s2=1

172.67.214.3

200 OK

70 B

URL GET HTTP/3
logger.21wiz.com/logger?v=480a3786f25b10cc21aadc157c93c886&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&t=player_init&a=&m=%7B%22vis%22%3A100%2C%22dv%22%3Atrue%2C%22jmap%22%3A10%2C%22blen%22%3A1%2C%22bounds%22%3A%7B%22x%22%3A0%2C%22y%22%3A0%2C%22width%22%3A400%2C%22height%22%3A225%2C%22top%22%3A0%2C%22right%22%3A400%2C%22bottom%22%3A225%2C%22left%22%3A0%7D%7D&o=&s2=1
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Size
70 B (70 bytes)
Hash
b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

HTTP Headers

GET /logger?v=480a3786f25b10cc21aadc157c93c886&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&t=player_init&a=&m=%7B%22vis%22%3A100%2C%22dv%22%3Atrue%2C%22jmap%22%3A10%2C%22blen%22%3A1%2C%22bounds%22%3A%7B%22x%22%3A0%2C%22y%22%3A0%2C%22width%22%3A400%2C%22height%22%3A225%2C%22top%22%3A0%2C%22right%22%3A400%2C%22bottom%22%3A225%2C%22left%22%3A0%7D%7D&o=&s2=1 HTTP/1.1
Host: logger.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:42 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-logger-le: true
x-logger-tdb: wizads
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=mM6hBVLLQ5ic8fImRAihGT%2BQ5mQyc6%2BUla%2BT7%2Blwgy3XfHV3ffLGU7xhFbCl3x9ejwiWe8Lfrf5LmrouzMsFwZBdJW9X8ezkCfYdSwKpIv0Vg5dyJTn%2FieCtnFXOum36w3Xx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164bd3c5c0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5840&min_rtt=1551&rtt_var=6280&sent=402&recv=167&lost=0&retrans=0&sent_bytes=328906&recv_bytes=44336&delivery_rate=886&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=18764&x=1", cfExtPri, cfHdrFlush;dur=0

static.smilewanted.com/js/decode_consent/decode_consent.js

104.22.31.209

200 OK

50 kB

URL GET HTTP/2
static.smilewanted.com/js/decode_consent/decode_consent.js
IP
104.22.31.209:443
ASN
#13335 CLOUDFLARENET

Requested by
https://csync.smilewanted.com/
Certificate
IssuerGoogle Trust Services
Subjectsmilewanted.com
Fingerprint80:BC:6D:70:81:04:D3:A1:6B:84:DD:7D:FD:8F:15:14:D3:53:63:0D
ValiditySun, 08 Dec 2024 21:29:07 GMT - Sat, 08 Mar 2025 21:29:06 GMT

File type
JavaScript source, ASCII text, with very long lines (49614), with no line terminators
Size
50 kB (49614 bytes)
Hash
00ff8001302d3748ba139466fc3910c1
8210e702fe525e6cddc84758ec51e96a4d703186
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f

HTTP Headers

GET /js/decode_consent/decode_consent.js HTTP/1.1
Host: static.smilewanted.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://csync.smilewanted.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: application/javascript
last-modified: Thu, 15 Apr 2021 17:11:55 GMT
etag: W/"607873db-c1ce"
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: strict-origin
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1233509
vary: Accept-Encoding
server: cloudflare
cf-ray: 90b1646c3d2eb51d-OSL
content-encoding: br
X-Firefox-Spdy: h2

21wiz.com/s.js?v=480a3786f25b10cc21aadc157c93c886

172.67.214.3

200 OK

4.1 kB

URL GET HTTP/2
21wiz.com/s.js?v=480a3786f25b10cc21aadc157c93c886
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
JavaScript source, ASCII text, with very long lines (4521), with no line terminators
Size
4.1 kB (4124 bytes)
Hash
024c2dea2d6fa7b9145260b164438e62
1f93832608881eb2b8ea6117c91a5da2273aa56a
530fbda52a50baecb6bec58776c363ee006caabd17a7288890d72fca36780d02

HTTP Headers

GET /s.js?v=480a3786f25b10cc21aadc157c93c886 HTTP/1.1
Host: 21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=zKJvlfY%2B%2F6LttgG8QzZKOU3wD0x%2BDW32cGaEA73%2BR%2BrbGxpvUAR%2FqVX8JfLF5PskqNyUDy4i5zZTvj1PA1iucSNThqp%2Fk3FPWfq4ZCxmM5ibRBH0bDZJlIIJoDU%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16447d9040b45-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=662&min_rtt=447&rtt_var=217&sent=7&recv=10&lost=0&retrans=0&sent_bytes=3191&recv_bytes=1082&delivery_rate=8180790&cwnd=249&unsent_bytes=0&cid=e70fb9670364f01e&ts=76&x=0"
X-Firefox-Spdy: h2

21wiz.com/cs/202502011352.js?v=480a3786f25b10cc21aadc157c93c886&_t=1738407144616.616

172.67.214.3

200 OK

125 kB

URL GET HTTP/3
21wiz.com/cs/202502011352.js?v=480a3786f25b10cc21aadc157c93c886&_t=1738407144616.616
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type

Size
125 kB (125326 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cs/202502011352.js?v=480a3786f25b10cc21aadc157c93c886&_t=1738407144616.616 HTTP/1.1
Host: 21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:24 GMT
content-type: application/javascript;charset=UTF-8
vary: Accept-Encoding
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
pragma: no-cache
x-movieads-udata: cache
x-yac-source: Yac
x-movieads-setup: combo
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: BYPASS
set-cookie: sky_uuid=f473f23f-8e93-4566-908b-df917ea510b3; expires=Sun, 01-Feb-2026 10:52:24 GMT; Max-Age=31536000; path=/; SameSite=None;Secure
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=T2%2Fb7fnhmMJE2KYi61tBE%2B4we9baqZYzbdKXxvQL4jra9t4%2BwVny6nUQ%2BMKrQTOv%2BOYeZMXPb0nzl87Ptz%2BXlwBWAxROCxGZRINMV6YlU0jiNoYVuere0yDY%2FXg%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b1644e0a2d0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: App_toggle;dur=3.21, Bootstrap;dur=0.07, RedisFactory;dur=0.19, LocalRedis;dur=0.80, Redis_get_wm_480a3786f25b10cc21aadc157c93c886;dur=0.44, cfL4;desc="?proto=QUIC&rtt=4995&min_rtt=4872&rtt_var=2073&sent=12&recv=8&lost=0&retrans=0&sent_bytes=4088&recv_bytes=1213&delivery_rate=101158&cwnd=12000&unsent_bytes=0&cid=647b1420534dce91&ts=1043&x=1", cfExtPri, cfHdrFlush;dur=0

code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adk_vd&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360

172.67.214.3

200 OK

25 B

URL GET HTTP/3
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adk_vd&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
b0852443795fa031cca5c56bd0e95c7c
d8da61aa529e061fbcd2da5f4435de35d43ec066
6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adk_vd&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407162; 41rmads=1738407162; 119rmads=1738407147; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407147; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:42 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,83752
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 739rmads=1738407162; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=OzI1Kvbxu170%2FmQwPrnB9gMi%2F19KsBmhIqW%2FQwlOnSQkUb%2Fgj2eiaQfI3UI%2Fcuy7wusRqRykfXXwwb9L5VRHqh0Q0pKSBvmCjDHhCN2hwEUeyj6hyTGnh5P1KIDdg9dOVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164bdacc40b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4766&min_rtt=1551&rtt_var=4130&sent=409&recv=172&lost=0&retrans=0&sent_bytes=333474&recv_bytes=46138&delivery_rate=49261&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=18922&x=1", cfExtPri, cfHdrFlush;dur=0

logger.21wiz.com/logger?t=player_frame_loaded_new&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&a=&m=1&v=480a3786f25b10cc21aadc157c93c886&o=

172.67.214.3

200 OK

70 B

URL GET HTTP/3
logger.21wiz.com/logger?t=player_frame_loaded_new&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&a=&m=1&v=480a3786f25b10cc21aadc157c93c886&o=
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
PNG image data, 1 x 1, 8-bit/color RGBA, non-interlaced
Size
70 B (70 bytes)
Hash
b357a19c87624c7c4d131aeeb4ae677f
c7a9c45fd419815a5ab1998503a9f03514c0e229
497790947d4666760ce38f3c00e852c71fdb66cae849bae8e9ede352719e1581

HTTP Headers

GET /logger?t=player_frame_loaded_new&c=e09ad56a-9cee-4527-9627-a4a63e03c4d5&a=&m=1&v=480a3786f25b10cc21aadc157c93c886&o= HTTP/1.1
Host: logger.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:41 GMT
content-type: Content-Type: image/png
vary: Accept-Encoding
x-logger-le: true
x-logger-tdb: wizads
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=u3x8YfDusLs7o1bMUSWhK1FLgYc5T%2BAwSMr44M9kc4FPA%2BFxnwtkFdDEnjhzmmXfKjssBrXr9xREjVqb%2BlohnyYPmrwttAhEjQu0a%2FmszIlX6csz%2B8ktSK7RWG%2F2LbHXOQMz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164b72faf0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=6464&min_rtt=1551&rtt_var=7217&sent=356&recv=136&lost=0&retrans=0&sent_bytes=300092&recv_bytes=34306&delivery_rate=290107&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=17792&x=1", cfExtPri, cfHdrFlush;dur=0

cs.axis-marketplace.com/iframe?pbjs=1&coppa=0

0.0.0.0

0 B

URL GET
cs.axis-marketplace.com/iframe?pbjs=1&coppa=0
IP
0.0.0.0:0
ASN
#0

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /iframe?pbjs=1&coppa=0 HTTP/1.1
Host: cs.axis-marketplace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adm_out3&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360

172.67.214.3

200 OK

25 B

URL GET HTTP/3
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adm_out3&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
b0852443795fa031cca5c56bd0e95c7c
d8da61aa529e061fbcd2da5f4435de35d43ec066
6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adm_out3&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407162; 41rmads=1738407162; 119rmads=1738407162; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407162; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:42 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,160358
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 718rmads=1738407162; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=hJ4d9H8KNkVO7C%2FocCx1j97CvWy8CTk2nvSl9JdQquRA9fEOydTtXyHmEgaj%2FgvI6p%2BFeqgY9%2F9Syd0r%2FhJIqFD2D6kfQiGLTZ6rTd%2F8mQdimPuID9BlHa1WOtBtlQn1Dg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164be8d6c0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4485&min_rtt=1250&rtt_var=3520&sent=413&recv=176&lost=0&retrans=0&sent_bytes=335730&recv_bytes=47896&delivery_rate=66075&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=19054&x=1", cfExtPri, cfHdrFlush;dur=0

code.21wiz.com/go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=pbcrlcrbr&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f4a8c5ab72e94e0e6&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030

172.67.214.3

200 OK

8.0 kB

URL GET HTTP/3
code.21wiz.com/go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=pbcrlcrbr&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f4a8c5ab72e94e0e6&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
JavaScript source, ASCII text, with very long lines (8000), with no line terminators
Size
8.0 kB (8000 bytes)
Hash
54f75df5a040c146fc1cc17d6c0d3e42
bbef5dad437e24ecc7cb4f90a3ee3a8b65718383
e680b387a9c15b26aa1fb4b0540e34d9b9ac266dd0313163fd15c1d06fe38bc1

HTTP Headers

GET /go/bn?key=480a3786f25b10cc21aadc157c93c886&cp.adsource=pbcrlcrbr&vt=100&w=300&h=250&cp.referer=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&fid=f4a8c5ab72e94e0e6&cp.tanc=&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407147; 41rmads=1738407147; 119rmads=1738407147; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407147; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:42 GMT
content-type: text/javascript;charset=UTF-8
vary: Accept-Encoding
x-wizads-path: /
x-wizads-referrer: https://recipesalba.com/
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,64486
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=%2Fe4uT3pdAndOPCJNhLxYZUkQn4dshnl1KhyDJH%2Ft01i%2BEso7LBpx68viKNA2r8OgX7yUPO5WWDDHVEl9Q%2FCYgT3IbBlaKtmn%2F%2Bp0Nk2XzrDAgIFs7gHNqoL%2BTupFltYzpA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164ba5a010b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5826&min_rtt=1551&rtt_var=6826&sent=381&recv=155&lost=0&retrans=0&sent_bytes=314727&recv_bytes=38360&delivery_rate=777888&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=18301&x=1", cfExtPri, cfHdrFlush;dur=0

static.cdn.admatic.com.tr/cookie.html?bidder=onetag&gdpr=0&gdpr_consent=&f=i&uid=

172.67.73.96

200 OK

1.8 kB

URL GET HTTP/3
static.cdn.admatic.com.tr/cookie.html?bidder=onetag&gdpr=0&gdpr_consent=&f=i&uid=
IP
172.67.73.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subjectstatic.cdn.admatic.com.tr
Fingerprint2E:3B:C9:81:C9:E6:B0:6A:8C:FC:E6:34:DA:63:B0:9B:85:6E:F0:3A
ValidityWed, 08 Jan 2025 05:03:59 GMT - Tue, 08 Apr 2025 05:03:58 GMT

File type
HTML document, ASCII text, with very long lines (1827), with no line terminators
Size
1.8 kB (1756 bytes)
Hash
eccb490ffdea0c0038848d1600e0fb22
77ce48f11172efb0fccbcea06f12772654b91aae
260abd70dac02e45582c4967d7ea17605202ac304b506917c096d0b3e863ec30

HTTP Headers

GET /cookie.html?bidder=onetag&gdpr=0&gdpr_consent=&f=i&uid= HTTP/1.1
Host: static.cdn.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.cdn.admatic.com.tr/
DNT: 1
Connection: keep-alive
Cookie: adplus_digital_id=0.dtqhamnu4p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html
cdn-pullzone: 1905149
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
last-modified: Fri, 31 Jan 2025 20:54:20 GMT
cdn-storageserver: DE-1021
cdn-fileserver: 971
cdn-proxyver: 1.19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2025 20:54:27
cdn-edgestorageid: 755
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: 30aba3e7a3e1c0ed393bc7e029692c02
cdn-cache: HIT
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=GsYB2G%2F5X5rtUD%2FPX4LnuGRY1kuVsziBuYqD7rtPyVtJcpQUczU0Wtxu67luGBW5lxTRt%2F3tguDVHC0KiyUe36T%2FXQ6meBTRmpU059oxstulZWJarWu%2FIr5alqF6pRQT5n48Vp%2BOxkO4BaI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b16470ac7f56ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5162&min_rtt=2434&rtt_var=2559&sent=18&recv=10&lost=0&retrans=0&sent_bytes=5864&recv_bytes=1712&delivery_rate=1956&cwnd=12000&unsent_bytes=0&cid=c262a84536ea9f52&ts=1065&x=1", cfExtPri, cfHdrFlush;dur=0

fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba

104.22.52.160

200 OK

191 kB

URL GET HTTP/2
fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba
IP
104.22.52.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (36331)
Size
191 kB (191355 bytes)
Hash
44891a49b3234615829ce93bb17a1e01
06395b274041bcd108bd77527de34422ec23e54f
c0f9147cdd32c47a89fe952ba7926d500f7d32358b7b6c3ff320892bd4fef71f

HTTP Headers

GET /r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Jan 2025 12:21:14 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 90b1644baf4b56b4-OSL
X-Firefox-Spdy: h2

172.67.214.3

200 OK

25 B

URL GET HTTP/3
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=sdyn&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
b0852443795fa031cca5c56bd0e95c7c
d8da61aa529e061fbcd2da5f4435de35d43ec066
6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=sdyn&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407147; 41rmads=1738407147; 119rmads=1738407147; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407147; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:42 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,63625
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 12rmads=1738407162; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8HDvGohrJHvbQSDk8r6FDBXn2VF0vcwgDKMVovFMo7h4t3%2Bsk2LbLUeX9vJLCUkACGB0C%2Fc2tg7%2BpO4TLYipnK0%2Byyzyt5QY4%2B0ehD3kGoTEgbWaGreMcvr67HcQJMXSYQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164bd5c700b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=5974&min_rtt=1250&rtt_var=5713&sent=417&recv=180&lost=0&retrans=0&sent_bytes=339046&recv_bytes=48867&delivery_rate=47723&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=19229&x=1", cfExtPri, cfHdrFlush;dur=0

code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adsflcr&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360

172.67.214.3

200 OK

25 B

URL GET HTTP/3
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adsflcr&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
b0852443795fa031cca5c56bd0e95c7c
d8da61aa529e061fbcd2da5f4435de35d43ec066
6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=adsflcr&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407162; 41rmads=1738407162; 119rmads=1738407162; 193rmads=1738407147; 664rmads=1738407147; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407147; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:42 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,47955
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 664rmads=1738407162; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=0jNFkVpwXJan936WZo%2Bim4uuPU%2BusCWESzGe7%2BahPEYNvD8tHNPESDjEsIWsSoRfgPsKCozaJ5h1rlrvHrNAmasOrIpgUpVRokyIToFIdK1CmXAfpUFxNJZdAgWW3x71cg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164bdeced0b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4948&min_rtt=1551&rtt_var=3462&sent=411&recv=174&lost=0&retrans=0&sent_bytes=334602&recv_bytes=47017&delivery_rate=51623&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=18957&x=1", cfExtPri, cfHdrFlush;dur=0

static.cdn.admatic.com.tr/sync.html

172.67.73.96

200 OK

8.1 kB

URL GET HTTP/2
static.cdn.admatic.com.tr/sync.html
IP
172.67.73.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerLet's Encrypt
Subjectstatic.cdn.admatic.com.tr
Fingerprint2E:3B:C9:81:C9:E6:B0:6A:8C:FC:E6:34:DA:63:B0:9B:85:6E:F0:3A
ValidityWed, 08 Jan 2025 05:03:59 GMT - Tue, 08 Apr 2025 05:03:58 GMT

File type
HTML document, ASCII text, with very long lines (9286), with no line terminators
Size
8.1 kB (8099 bytes)
Hash
03fa07d23ef614f748cb9a737ea28a3e
87da1fc240f5f917c9ac943415595ed802bb2a87
438f44f1aa3bc29a5f2bf8079a0f137c8e5a7c69e544403919fd6525d6bb8109

HTTP Headers

GET /sync.html HTTP/1.1
Host: static.cdn.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: text/html
cdn-pullzone: 1905149
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
last-modified: Fri, 15 Nov 2024 07:02:35 GMT
cdn-storageserver: DE-639
cdn-fileserver: 639
cdn-proxyver: 1.19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 01/31/2025 20:54:27
cdn-edgestorageid: 874
cdn-status: 200
cdn-requesttime: 1
cdn-requestid: 18398b5d7035a4a6289cb50fbd53960b
cdn-cache: HIT
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=TblAsEbjTt9ILIvyqvTQDGOYimIWrln95qkMO4tUXoQz3hZjl%2FJtiwdulZjvD4VuHr5D4xqND7qgnwATRbgB6OlSnE3t%2FLDlC9mS8BvQQXGWaTzd5JRXvUaKMsZKqlazGBue45GXbdIIs8M%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b16469bb09b51d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=1196&min_rtt=547&rtt_var=1269&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2861&recv_bytes=1294&delivery_rate=4575039&cwnd=253&unsent_bytes=0&cid=0a1677d24d6f02ee&ts=79&x=0"
X-Firefox-Spdy: h2

dsp-service/users/sync/?redir=https%3A%2F%2F%2Fsetuid%3Fbidder%3D%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3Deba33a54-3d16-4e79-a18b-da36d57f1cae

0.0.0.0

0 B

URL GET
dsp-service/users/sync/?redir=https%3A%2F%2F%2Fsetuid%3Fbidder%3D%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3Deba33a54-3d16-4e79-a18b-da36d57f1cae
IP
0.0.0.0:0
ASN
#0

Requested by
https://dsp-service.netaddiction.tech/cookie_sync?r=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dnetaddiction%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /users/sync/?redir=https%3A%2F%2F%2Fsetuid%3Fbidder%3D%26gdpr%3D%26gdpr_consent%3D%26f%3Db%26uid%3Deba33a54-3d16-4e79-a18b-da36d57f1cae HTTP/1.1
Host: dsp-service
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dsp-service.netaddiction.tech/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

172.67.214.3

200 OK

25 B

URL GET HTTP/3
code.21wiz.com/vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=bofads_out&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360
IP
172.67.214.3:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type
ASCII text, with no line terminators
Size
25 B (25 bytes)
Hash
b0852443795fa031cca5c56bd0e95c7c
d8da61aa529e061fbcd2da5f4435de35d43ec066
6b47d02459afa1a14571100b85ed5d0e9d86095ef8a4f7a1dbbc2007c9222583

HTTP Headers

GET /vast2?key=480a3786f25b10cc21aadc157c93c886&sid=autoplay&cp.adsource=bofads_out&cp.adtype=pre&vt=100&fp=[fp]&w=400&h=225&vid=&fpro=&ma=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&suri=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&rdd1=true&cp.session=e09ad56a-9cee-4527-9627-a4a63e03c4d5&cp.referer=https%253A%252F%252Frecipesalba.com%252Fnews%252F842d4af18cd9ce5a67334c40f30b8465%252Fcascade&cp.cb=a464f71c-bf53-7bc3-cb0b-b35bd56e0360 HTTP/1.1
Host: code.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://recipesalba.com
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Cookie: sky_uuid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030; bcbn=821acca39e82d4f131c11446d346ddf6; 310rmads=1738407162; 41rmads=1738407162; 119rmads=1738407162; 193rmads=1738407147; 664rmads=1738407162; 12rmads=1738407147; 718rmads=1738407147; 197rmads=1738407147; 739rmads=1738407162; 651rmads=1738407147; 741rmads=1738407147; 720rmads=1738407148
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:42 GMT
content-type: text/xml;charset=UTF-8
vary: Accept-Encoding
x-wizads-cors-qex: Referer
x-wizads-path: /
access-control-allow-credentials: true
access-control-allow-origin: https://recipesalba.com
x-wizads-udata: cache,parsed,79660
x-wizads-referrer: https://recipesalba.com/
x-cache-source: Rist
x-wizads-mrc: no
x-wizads-ref: {"Scheme":"https","Opaque":"","User":null,"Host":"recipesalba.com","Path":"/","RawPath":"","OmitHost":false,"ForceQuery":false,"RawQuery":"","Fragment":"","RawFragment":""}
set-cookie: 197rmads=1738407162; max-age=31536000; path=/; HttpOnly; secure; SameSite=None
x-movieads-country: NO
content-encoding: gzip
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vVYVTMOrGbqgkb%2BbocNm3fmeZQPxtgbxa%2Bap5WFuQVEjTwnJlh0mpc4UXPYduNTlqkF%2Bl%2BwxsCfbOSTiVwzKZZGJ1Kq8Z1n29gTjqGgAKQUcRB7RfBBpNTwfew7rkn73sA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164bebd920b59-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4310&min_rtt=1250&rtt_var=2990&sent=415&recv=178&lost=0&retrans=0&sent_bytes=336857&recv_bytes=48775&delivery_rate=51076&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=19110&x=1", cfExtPri, cfHdrFlush;dur=0

cdn.cookielaw.org/consent/tcf.stub.js

104.18.87.42

200 OK

1.7 kB

URL GET HTTP/2
cdn.cookielaw.org/consent/tcf.stub.js
IP
104.18.87.42:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectcookielaw.org
Fingerprint00:62:83:17:27:F6:8B:F0:DA:0D:1E:C8:0D:7D:A9:28:62:F4:D5:F7
ValidityMon, 09 Dec 2024 19:16:11 GMT - Sun, 09 Mar 2025 20:16:09 GMT

File type
JavaScript source, ASCII text, with very long lines (1767), with no line terminators
Size
1.7 kB (1734 bytes)
Hash
9f4804784218f32b63e2871b219c0947
b66007339065e2b0259d732e90f3468fd167b775
64030a4979fcf86cc46a40810a076763400492b2a9b4c7fac96112e5478fc09f

HTTP Headers

GET /consent/tcf.stub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:43 GMT
content-type: application/javascript
cf-ray: 90b164c12ced5687-OSL
cf-cache-status: HIT
access-control-allow-origin: *
age: 29185
cache-control: public, max-age=86400
expires: Sun, 02 Feb 2025 10:52:43 GMT
last-modified: Thu, 30 Jan 2025 20:21:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
content-md5: 4dKSUfF1LmNaXMbEM9hDaw==
x-content-type-options: nosniff
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 80829c57-301e-00ae-269a-73b0e7000000
x-ms-version: 2009-09-19
cross-origin-resource-policy: cross-origin, cross-origin
server: cloudflare
content-encoding: gzip
X-Firefox-Spdy: h2

static.cdn.admatic.com.tr/cookie.html?bidder=pixad&gdpr=0&gdpr_consent=&f=b&uid=683baa5c-6c9c-4053-9f97-20479c87683b

172.67.73.96

200 OK

1.8 kB

URL GET HTTP/3
static.cdn.admatic.com.tr/cookie.html?bidder=pixad&gdpr=0&gdpr_consent=&f=b&uid=683baa5c-6c9c-4053-9f97-20479c87683b
IP
172.67.73.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subjectstatic.cdn.admatic.com.tr
Fingerprint2E:3B:C9:81:C9:E6:B0:6A:8C:FC:E6:34:DA:63:B0:9B:85:6E:F0:3A
ValidityWed, 08 Jan 2025 05:03:59 GMT - Tue, 08 Apr 2025 05:03:58 GMT

File type
HTML document, ASCII text, with very long lines (1827), with no line terminators
Size
1.8 kB (1756 bytes)
Hash
eccb490ffdea0c0038848d1600e0fb22
77ce48f11172efb0fccbcea06f12772654b91aae
260abd70dac02e45582c4967d7ea17605202ac304b506917c096d0b3e863ec30

HTTP Headers

GET /cookie.html?bidder=pixad&gdpr=0&gdpr_consent=&f=b&uid=683baa5c-6c9c-4053-9f97-20479c87683b HTTP/1.1
Host: static.cdn.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://static.cdn.admatic.com.tr/
DNT: 1
Connection: keep-alive
Cookie: adplus_digital_id=0.dtqhamnu4p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html
cdn-pullzone: 1905149
cdn-uid: e7d0f040-08f3-443e-a640-656beb6c8b3b
cdn-requestcountrycode: NO
vary: Accept-Encoding
access-control-allow-origin: *
access-control-allow-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
access-control-expose-headers: Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control: public, max-age=3600
last-modified: Fri, 31 Jan 2025 20:54:20 GMT
cdn-storageserver: DE-1020
cdn-fileserver: 971
cdn-proxyver: 1.19
cdn-requestpullsuccess: True
cdn-requestpullcode: 200
cdn-cachedat: 02/01/2025 10:52:30
cdn-edgestorageid: 756
cdn-status: 200
cdn-requesttime: 0
cdn-requestid: b67318b0cf54a8b81c840b6b0a1d26ab
cdn-cache: MISS
cf-cache-status: DYNAMIC
priority: u=4,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=nq%2FhwBP5Au%2FyB6HWNByNoi4b9Z52%2FZNl5XIGxU%2BjUimoOZn10XlV1L3LVARyOxdrdyMzW4HSpSOWrR3VVemUmDNtmb0eFOBJTsI1P39IGzcSAlyQ0EmSfNulte0JQMonZtbHIdL8DVhdxJI%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b164712d1756ae-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=4572&min_rtt=2434&rtt_var=2448&sent=26&recv=14&lost=0&retrans=0&sent_bytes=9895&recv_bytes=2644&delivery_rate=27085&cwnd=12000&unsent_bytes=0&cid=c262a84536ea9f52&ts=1169&x=1", cfExtPri, cfHdrFlush;dur=0

platform.bidgear.com/ads.php?domainid=8585&sizeid=1&zoneid=10281

104.26.2.107

200 OK

2.0 kB

URL GET HTTP/2
platform.bidgear.com/ads.php?domainid=8585&sizeid=1&zoneid=10281
IP
104.26.2.107:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectbidgear.com
Fingerprint52:B5:12:71:38:26:D5:13:3F:14:BB:BA:3D:D5:17:80:A9:75:31:4F
ValidityMon, 20 Jan 2025 04:33:39 GMT - Sun, 20 Apr 2025 05:33:33 GMT

File type
JavaScript source, ASCII text, with very long lines (2079), with no line terminators
Size
2.0 kB (2009 bytes)
Hash
42c8e607d7fac99b1a587e01f9ffc491
031767beafc5b907c04db479eb2f637c6e67fb2d
a422051b639dc790edf15b109443fc8a76bc3d1f79cb78fb758f7e41af7aa763

HTTP Headers

GET /ads.php?domainid=8585&sizeid=1&zoneid=10281 HTTP/1.1
Host: platform.bidgear.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:23 GMT
content-type: application/javascript
vary: Accept-Encoding
cache-control: no-cache, no-store, must-revalidate
expires: 0
pragma: no-cache
content-encoding: gzip
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=WqD5IyRzrPtWbz8lz6%2Ffp1MRs0GmxuPMzpgynEM1yQ6rlZOZm8hwavNQu7Pcca83Jfarfs%2F7d7H7gOMe%2B%2BIzau9DpHRBzjNvLt2s62hrH2Puhbi1bOLMgaKNQ8qaa00LreA1D4Eg"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b16447d82b56cc-OSL
server-timing: cfL4;desc="?proto=TCP&rtt=672&min_rtt=478&rtt_var=117&sent=8&recv=10&lost=0&retrans=0&sent_bytes=3198&recv_bytes=1092&delivery_rate=6084033&cwnd=254&unsent_bytes=0&cid=29608e75725e522c&ts=156&x=0"
X-Firefox-Spdy: h2

pl.21wiz.com/frndnp.php?ver=1&autoplay=1&v=480a3786f25b10cc21aadc157c93c886&cb=e09ad56a-9cee-4527-9627-a4a63e03c4d5&fclose=false&jh=cpzse3jqgeazq4m4f3ts65e&sth=qp4gn7djcczdrcmzpf7nha5xpw&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&cdiv=73&frnd=true&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&country=NO&spy=yes&rel=true&rnd=1738407150293&cnt=1&tls=no&instant=yes

0.0.0.0

200 OK

0 B

URL GET
pl.21wiz.com/frndnp.php?ver=1&autoplay=1&v=480a3786f25b10cc21aadc157c93c886&cb=e09ad56a-9cee-4527-9627-a4a63e03c4d5&fclose=false&jh=cpzse3jqgeazq4m4f3ts65e&sth=qp4gn7djcczdrcmzpf7nha5xpw&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&cdiv=73&frnd=true&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&country=NO&spy=yes&rel=true&rnd=1738407150293&cnt=1&tls=no&instant=yes
IP
0.0.0.0:0
ASN
#0

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subject21wiz.com
Fingerprint9E:EC:56:D5:D4:EC:8A:6C:88:24:52:E7:4B:42:F4:ED:4D:97:73:E5
ValidityThu, 26 Dec 2024 20:06:52 GMT - Wed, 26 Mar 2025 21:05:15 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /frndnp.php?ver=1&autoplay=1&v=480a3786f25b10cc21aadc157c93c886&cb=e09ad56a-9cee-4527-9627-a4a63e03c4d5&fclose=false&jh=cpzse3jqgeazq4m4f3ts65e&sth=qp4gn7djcczdrcmzpf7nha5xpw&sub_id=ap&fmt_id=1&testad=no&nomon=1&r=https%3A%2F%2Frecipesalba.com%2Fnews%2F842d4af18cd9ce5a67334c40f30b8465%2Fcascade&cdiv=73&frnd=true&maid=d0fbe7d3-b3e0-4e8f-b939-507500d7e030&country=NO&spy=yes&rel=true&rnd=1738407150293&cnt=1&tls=no&instant=yes HTTP/1.1
Host: pl.21wiz.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 200 OK
date: Sat, 01 Feb 2025 10:52:41 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-cache: Yac
x-movieads-country: NO
cf-cache-status: DYNAMIC
priority: u=3,i=?0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=VPVG94e%2FuZr%2FTksl9dcwBOm%2FW6fS0bIw0KR8V0Zf6WlYNCP0P90QGEnE6Iyqem3c%2BXWttqmKkMvvEygvwCPRl%2BESIP5%2ByXXGbr%2Fyah17LJsb68ZYGuBIURkHxVPeIpk%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 90b164b63f050b59-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=QUIC&rtt=7919&min_rtt=1551&rtt_var=8733&sent=280&recv=124&lost=0&retrans=0&sent_bytes=222371&recv_bytes=31350&delivery_rate=838847&cwnd=71700&unsent_bytes=0&cid=647b1420534dce91&ts=17652&x=1", cfExtPri, cfHdrFlush;dur=0

prebid.admatic.com.tr/setuid?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae

172.67.73.96

301 Moved Permanently

1.8 kB

URL GET HTTP/3
prebid.admatic.com.tr/setuid?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae
IP
172.67.73.96:443
ASN
#13335 CLOUDFLARENET

Requested by
https://dsp-service.netaddiction.tech/cookie_sync?r=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dnetaddiction%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Certificate
IssuerLet's Encrypt
Subjectprebid.admatic.com.tr
FingerprintE3:09:23:F6:1B:DF:09:F8:06:BC:A5:32:B7:4B:77:1E:FD:17:BD:70
ValidityTue, 07 Jan 2025 04:52:19 GMT - Mon, 07 Apr 2025 04:52:18 GMT

File type

Size
1.8 kB (1756 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /setuid?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae HTTP/1.1
Host: prebid.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dsp-service.netaddiction.tech/
Cookie: adplus_digital_id=0.dtqhamnu4p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/3 301 Moved Permanently
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html
content-length: 167
location: https://static.cdn.admatic.com.tr/cookie.html?bidder=netaddiction&gdpr=0&gdpr_consent=&f=b&uid=eba33a54-3d16-4e79-a18b-da36d57f1cae
cache-control: max-age=3600
expires: Sat, 01 Feb 2025 11:52:30 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vu%2B9pX56J0xdyBCd4BOxwzb618xx4jlJTMf4YDkk3HjeXn1LGoHQbQcKYiOd3Eg%2FNOd2Qe0Sn9H6pSsSfCtxBn1dQdDKO6Fcz5%2BrZ82m5ujrBC5d02V6MsyUtr9QNOhnRE4SzJmc%2Bg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b16470b80ab4ff-OSL
alt-svc: h3=":443"; ma=86400

fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba

104.22.52.160

200 OK

191 kB

URL GET HTTP/2
fstatic.netpub.media/r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba
IP
104.22.52.160:443
ASN
#13335 CLOUDFLARENET

Requested by
https://recipesalba.com/news/842d4af18cd9ce5a67334c40f30b8465/cascade
Certificate
IssuerGoogle Trust Services
Subjectnetpub.media
Fingerprint18:A3:E5:9C:B9:99:9D:6C:19:2B:CB:0C:A6:A6:35:59:EA:52:33:67
ValidityMon, 30 Dec 2024 07:31:49 GMT - Sun, 30 Mar 2025 08:31:31 GMT

File type
JavaScript source, ASCII text, with very long lines (36331)
Size
191 kB (191355 bytes)
Hash
44891a49b3234615829ce93bb17a1e01
06395b274041bcd108bd77527de34422ec23e54f
c0f9147cdd32c47a89fe952ba7926d500f7d32358b7b6c3ff320892bd4fef71f

HTTP Headers

GET /r/56d8e76109aad0c06895b24547622d1f/4a3a05cf.js?npr=2b351962d5dd94636d2d0ec4ed68b4ba HTTP/1.1
Host: fstatic.netpub.media
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://recipesalba.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Sat, 01 Feb 2025 10:52:24 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 28 Jan 2025 12:21:14 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-nginx-upstream-cache-status: BYPASS
content-encoding: gzip
cache-control: max-age=2678400
cf-cache-status: HIT
age: 3
server: cloudflare
cf-ray: 90b1644baf4f56b4-OSL
X-Firefox-Spdy: h2

dsp-service.admatic.com.tr/users/sync/?redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dadmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D

104.26.4.92

302 Found

1.8 kB

URL GET HTTP/2
dsp-service.admatic.com.tr/users/sync/?redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dadmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
IP
104.26.4.92:443
ASN
#13335 CLOUDFLARENET

Requested by
https://static.cdn.admatic.com.tr/sync.html
Certificate
IssuerLet's Encrypt
Subjectdsp-service.admatic.com.tr
FingerprintAC:D2:5F:DF:02:FF:44:62:26:7E:13:59:73:41:E4:B7:DE:1F:45:CF
ValidityFri, 10 Jan 2025 04:28:02 GMT - Thu, 10 Apr 2025 04:28:01 GMT

File type

Size
1.8 kB (1756 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /users/sync/?redir=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dadmatic%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D HTTP/1.1
Host: dsp-service.admatic.com.tr
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://static.cdn.admatic.com.tr/
Cookie: adplus_digital_id=0.dtqhamnu4p
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
date: Sat, 01 Feb 2025 10:52:29 GMT
content-type: text/html; charset=utf-8
location: https://prebid.admatic.com.tr/setuid?bidder=admatic&gdpr=0&gdpr_consent=&f=b&uid=b8efb380-4c72-4057-9d25-b4aaec7db4da
access-control-allow-origin: *
x-powered-by: AdMatic
vary: Accept, Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
working-on: admatic-k8s
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Hd18BDqxmDNk0ANy3joaIsMov17ZQQFjLB31lcZ2x9TqeLr5WD8sfpPPyc1oGIVwtKbzbPTvcPLtVq4tfTKjT9BMSsjiPei22lgeZtGY%2FlDUKJh37BkXD5yfuUOhRA2Ml1mcHcdWpODLH5Zu"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
permissions-policy: browsing-topics=()
server: cloudflare
cf-ray: 90b1646dceb9b50f-OSL
alt-svc: h3=":443"; ma=86400
server-timing: cfL4;desc="?proto=TCP&rtt=759&min_rtt=448&rtt_var=639&sent=6&recv=9&lost=0&retrans=0&sent_bytes=2791&recv_bytes=1287&delivery_rate=5208633&cwnd=253&unsent_bytes=0&cid=7386797c6e795ca7&ts=122&x=0"
X-Firefox-Spdy: h2

setuid/?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=

0.0.0.0

0 B

URL GET
setuid/?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid=
IP
0.0.0.0:0
ASN
#0

Requested by
https://dsp-service.netaddiction.tech/cookie_sync?r=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dnetaddiction%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?bidder=amx&gdpr=0&gdpr_consent=&f=i&uid= HTTP/1.1
Host: setuid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dsp-service.netaddiction.tech/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2F%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D${gdpr}%26gdpr_consent%3D${gdpr_consent}%26f%3Di%26uid%3D%7Buser_id%7D

51.83.220.94

302 Found

0 B

URL GET HTTP/2
a4p.adpartner.pro/ssp/match?redirect=https%3A%2F%2F%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D${gdpr}%26gdpr_consent%3D${gdpr_consent}%26f%3Di%26uid%3D%7Buser_id%7D
IP
51.83.220.94:443
ASN
#16276 OVH SAS

Requested by
https://dsp-service.netaddiction.tech/cookie_sync?r=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dnetaddiction%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D
Certificate
IssuerLet's Encrypt
Subjectadpartner.pro
FingerprintD6:53:9A:7B:8F:CD:3A:58:6A:19:B0:66:10:58:59:68:AE:5B:FA:BB
ValidityTue, 14 Jan 2025 08:08:25 GMT - Mon, 14 Apr 2025 08:08:24 GMT

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /ssp/match?redirect=https%3A%2F%2F%2Fsetuid%3Fbidder%3Dmembrana%26gdpr%3D${gdpr}%26gdpr_consent%3D${gdpr_consent}%26f%3Di%26uid%3D%7Buser_id%7D HTTP/1.1
Host: a4p.adpartner.pro
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
DNT: 1
Connection: keep-alive
Referer: https://dsp-service.netaddiction.tech/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 302 Found
server: nginx
date: Sat, 01 Feb 2025 10:52:30 GMT
content-type: text/html; charset=utf-8
content-length: 200
location: https:///setuid?bidder=membrana&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&f=i&uid=b61c8ef9-0213-42c8-aeb0-8e070440a08a
set-cookie: apuid=b61c8ef9-0213-42c8-aeb0-8e070440a08a; Path=/; Expires=Wed, 02 Apr 2025 10:52:30 GMT; Secure; SameSite=None
cache-control: no-store no-transform
X-Firefox-Spdy: h2

setuid/?bidder=membrana&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&f=i&uid=b61c8ef9-0213-42c8-aeb0-8e070440a08a

0.0.0.0

0 B

URL GET
setuid/?bidder=membrana&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&f=i&uid=b61c8ef9-0213-42c8-aeb0-8e070440a08a
IP
0.0.0.0:0
ASN
#0

Requested by
https://dsp-service.netaddiction.tech/cookie_sync?r=https%3A%2F%2Fprebid.admatic.com.tr%2Fsetuid%3Fbidder%3Dnetaddiction%26gdpr%3D0%26gdpr_consent%3D%26f%3Db%26uid%3D%24%7BUSER_TOKEN%7D

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
Quad9 DNS	malicious	Sinkholed

HTTP Headers

GET /?bidder=membrana&gdpr=${gdpr}&gdpr_consent=${gdpr_consent}&f=i&uid=b61c8ef9-0213-42c8-aeb0-8e070440a08a HTTP/1.1
Host: setuid
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:134.0) Gecko/20100101 Firefox/134.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://dsp-service.netaddiction.tech/
DNT: 1
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

Report Overview

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

Public InfoSec YARA rules

OpenPhish

PhishTank

Quad9 DNS

ThreatFox

JavaScript (41)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash