urlscan.io logo urlscan.io
SecurityTrails logo

www.casho.la Open in urlscan Pro
2606:4700:20::681a:d43  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://tinyurl.win/i/hTv8ofje1i
Effective URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Submission: On August 07 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 255 IPs in 21 countries across 192 domains to perform 1235 HTTP transactions. The main IP is 2606:4700:20::681a:d43, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.casho.la.
TLS certificate: Issued by GTS CA 1P5 on June 23rd 2023. Valid for: 3 months.
This is the only time www.casho.la was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2606:4700:303... 13335 (CLOUDFLAR...)
1 2a00:1450:400... 15169 (GOOGLE)
5 39 2606:4700:20:... 13335 (CLOUDFLAR...)
14 2400:52e0:1e0... 200325 (BUNNYCDN)
1 2600:9000:25a... 16509 (AMAZON-02)
1 2 2600:9000:249... 16509 (AMAZON-02)
2 2400:52e0:1e0... 200325 (BUNNYCDN)
2 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:e0:... 13335 (CLOUDFLAR...)
4 2a00:1450:400... 15169 (GOOGLE)
13 2606:2800:234... 15133 (EDGECAST)
1 1 2a03:2880:f27... 32934 (FACEBOOK)
1 2a03:2880:f27... 32934 (FACEBOOK)
1 1 2.21.20.140 20940 (AKAMAI-ASN1)
3 23.48.23.144 20940 (AKAMAI-ASN1)
2 2a03:2880:f08... 32934 (FACEBOOK)
2 2a06:98c1:312... 13335 (CLOUDFLAR...)
2 99.81.36.106 16509 (AMAZON-02)
1 5 108.138.17.31 16509 (AMAZON-02)
2 18.165.183.81 16509 (AMAZON-02)
15 172.66.42.247 13335 (CLOUDFLAR...)
7 68.71.249.118 20093 (ZEROLAG)
18 2a02:6ea0:c70... 60068 (CDN77 ^_^)
2 18.66.147.48 16509 (AMAZON-02)
12 141.94.202.176 16276 (OVH)
8 34.107.214.50 396982 (GOOGLE-CL...)
1 2a02:26f0:480... 20940 (AKAMAI-ASN1)
2 2600:9000:25a... 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
7 2600:9000:214... 16509 (AMAZON-02)
9 2606:4700:303... 13335 (CLOUDFLAR...)
7 54.38.64.100 16276 (OVH)
1 184.86.251.88 20940 (AKAMAI-ASN1)
1 11 2a02:2638:d::d 44788 (ASN-CRITE...)
1 27 2606:4700:10:... 13335 (CLOUDFLAR...)
2 145.239.193.51 16276 (OVH)
12 51.38.120.206 16276 (OVH)
4 88.221.169.49 16625 (AKAMAI-AS)
2 9 2620:116:800d... 16509 (AMAZON-02)
1 52.208.148.0 16509 (AMAZON-02)
1 65.9.7.64 16509 (AMAZON-02)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
8 2a02:26f0:350... 20940 (AKAMAI-ASN1)
3 3.215.3.149 14618 (AMAZON-AES)
18 2a00:1450:400... 15169 (GOOGLE)
4 162.19.138.117 16276 (OVH)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
27 2a00:1450:400... 15169 (GOOGLE)
7 2a00:1450:400... 15169 (GOOGLE)
2 45.77.37.165 20473 (AS-CHOOPA)
1 104.18.10.47 13335 (CLOUDFLAR...)
2 2606:4700::68... 13335 (CLOUDFLAR...)
14 18.66.97.62 16509 (AMAZON-02)
24 52.222.208.154 16509 (AMAZON-02)
8 34.197.9.3 14618 (AMAZON-AES)
5 69.16.175.10 20446 (STACKPATH...)
3 54.90.59.157 14618 (AMAZON-AES)
2 2600:9000:25a... 16509 (AMAZON-02)
1 141.95.98.64 16276 (OVH)
3 104.244.42.136 13414 (TWITTER)
1 2600:9000:25a... 16509 (AMAZON-02)
2 2620:1ec:46::60 8075 (MICROSOFT...)
4 2600:9000:25a... 16509 (AMAZON-02)
1 104.75.89.75 16625 (AKAMAI-AS)
10 20 185.89.210.90 29990 (ASN-APPNEX)
15 15.197.193.217 16509 (AMAZON-02)
9 2a02:2638:d::a 44788 (ASN-CRITE...)
1 5 147.75.84.158 54825 (PACKET)
1 9 193.3.178.4 399668 (E-PLANNING-)
4 9 64.202.112.127 23352 (SERVERCEN...)
6 2602:803:c003... 26667 (RUBICONPR...)
3 185.184.10.30 203690 (RTB-HOUSE...)
3 2606:4700::68... 13335 (CLOUDFLAR...)
13 99.81.161.232 16509 (AMAZON-02)
1 62.149.23.112 15497 (COLOCALL ...)
1 3.64.52.102 16509 (AMAZON-02)
3 185.255.84.151 200271 (IGUANE-)
4 12 54.194.114.76 16509 (AMAZON-02)
7 34.149.20.76 15169 (GOOGLE)
4 2600:1f13:800... 16509 (AMAZON-02)
11 34.117.33.6 396982 (GOOGLE-CL...)
2 13.224.103.29 ()
1 2a00:1450:400... 15169 (GOOGLE)
4 18.200.218.194 16509 (AMAZON-02)
13 17 142.250.186.66 15169 (GOOGLE)
1 172.66.41.9 13335 (CLOUDFLAR...)
4 2600:9000:25a... 16509 (AMAZON-02)
3 3 198.47.127.18 62713 (AS-PUBMATIC)
2 13 185.64.191.210 62713 (AS-PUBMATIC)
1 8 185.64.190.81 62713 (AS-PUBMATIC)
3 15 185.80.39.216 27381 (CASALE-MEDIA)
1 12 3.71.149.231 16509 (AMAZON-02)
3 69.166.1.12 27630 (AS-XFERNET)
1 8.39.36.141 26667 (RUBICONPR...)
1 44.214.13.119 14618 (AMAZON-AES)
1 34.120.133.55 396982 (GOOGLE-CL...)
8 5.135.209.97 16276 (OVH)
1 18.165.183.14 16509 (AMAZON-02)
1 104.18.12.242 13335 (CLOUDFLAR...)
7 2a00:1450:400... 15169 (GOOGLE)
3 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:25a... 16509 (AMAZON-02)
2 8.238.30.250 3356 (LEVEL3)
1 18.165.183.122 16509 (AMAZON-02)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 13.225.83.103 16509 (AMAZON-02)
1 2600:9000:25a... 16509 (AMAZON-02)
2 9 35.244.159.8 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:20e... 16509 (AMAZON-02)
10 23.209.22.22 16625 (AKAMAI-AS)
2 54.211.96.115 14618 (AMAZON-AES)
25 151.101.193.44 54113 (FASTLY)
1 63.35.76.22 16509 (AMAZON-02)
2 2a02:2638:3::3 44788 (ASN-CRITE...)
12 69.173.144.137 26667 (RUBICONPR...)
1 185.64.189.112 62713 (AS-PUBMATIC)
1 104.18.25.185 13335 (CLOUDFLAR...)
2 46.228.174.115 56396 (AMOBEE)
1 35.156.39.179 16509 (AMAZON-02)
1 13.224.103.113 ()
16 18.165.191.236 16509 (AMAZON-02)
2 2600:9000:214... 16509 (AMAZON-02)
5 2600:9000:219... ()
1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2600:9000:25a... 16509 (AMAZON-02)
7 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 2001:4860:480... 15169 (GOOGLE)
7 2a02:6ea0:c70... 60068 (CDN77 ^_^)
10 23.32.184.192 16625 (AKAMAI-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
7 7 23.201.255.110 16625 (AKAMAI-AS)
22 88.221.169.246 16625 (AKAMAI-AS)
5 216.52.2.86 32475 (SINGLEHOP...)
1 34.230.93.188 14618 (AMAZON-AES)
2 23.212.89.194 16625 (AKAMAI-AS)
4 45.133.44.4 39572 (ADVANCEDH...)
1 172.105.43.230 63949 (AKAMAI-LI...)
2 52.206.242.72 14618 (AMAZON-AES)
5 20.231.53.73 8075 (MICROSOFT...)
6 67.202.105.21 32748 (STEADFAST)
7 69.192.160.186 16625 (AKAMAI-AS)
2 193.3.178.3 399668 (E-PLANNING-)
1 67.202.105.33 32748 (STEADFAST)
1 18.66.112.120 16509 (AMAZON-02)
1 23.227.151.202 55081 (24SHELLS)
1 7 172.67.10.198 13335 (CLOUDFLAR...)
4 15 37.157.3.20 198622 (ADFORM)
9 18.198.80.207 16509 (AMAZON-02)
5 23.227.139.243 55081 (24SHELLS)
1 98.98.134.241 21859 (ZEN-ECN)
2 8.2.110.24 46636 (NATCOWEB)
2 35.186.253.211 15169 (GOOGLE)
1 193.3.178.2 399668 (E-PLANNING-)
2 2 44.195.175.110 14618 (AMAZON-AES)
1 1 34.195.119.133 14618 (AMAZON-AES)
10 18 18.184.249.152 16509 (AMAZON-02)
1 54.77.46.237 16509 (AMAZON-02)
1 3 185.86.138.155 201081 (SMARTADSE...)
1 2600:9000:223... 16509 (AMAZON-02)
1 77.245.57.72 36057 (WEBAIR-IN...)
1 34.194.30.69 14618 (AMAZON-AES)
2 2 216.52.2.16 32475 (SINGLEHOP...)
7 7 46.228.174.117 56396 (AMOBEE)
7 7 46.228.164.11 56396 (AMOBEE)
5 5 193.0.160.131 54312 (ROCKETFUEL)
2 18.193.126.37 16509 (AMAZON-02)
1 2 23.212.88.20 16625 (AKAMAI-AS)
1 205.234.175.175 23352 (SERVERCEN...)
1 2600:9000:25a... 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 3 34.111.113.62 396982 (GOOGLE-CL...)
1 2600:1f18:659... 14618 (AMAZON-AES)
3 11 198.47.127.19 3257 (GTT-BACKB...)
1 2a05:d018:24:... 16509 (AMAZON-02)
2 2 52.31.139.111 16509 (AMAZON-02)
1 34.254.143.3 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
6 6 85.114.159.93 24961 (MYLOC-AS ...)
2 3 34.111.131.239 396982 (GOOGLE-CL...)
1 185.15.245.83 24961 (MYLOC-AS ...)
1 3 108.128.97.117 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.158.157.188 16509 (AMAZON-02)
1 34.160.236.64 15169 (GOOGLE)
2 52.31.154.19 16509 (AMAZON-02)
2 4 162.55.233.28 24940 (HETZNER-AS)
4 8 151.101.66.49 54113 (FASTLY)
1 1 44.215.235.22 14618 (AMAZON-AES)
1 4 52.94.222.140 16509 (AMAZON-02)
1 2 2.23.197.190 16625 (AKAMAI-AS)
1 1 34.242.166.215 16509 (AMAZON-02)
3 6 69.173.144.139 26667 (RUBICONPR...)
1 2a00:1450:400... 15169 (GOOGLE)
2 4 52.46.130.91 16509 (AMAZON-02)
1 3 95.101.54.123 20940 (AKAMAI-ASN1)
1 1 34.95.81.168 396982 (GOOGLE-CL...)
1 2606:4700:20:... 13335 (CLOUDFLAR...)
2 28 52.210.15.1 16509 (AMAZON-02)
1 1 35.210.239.72 15169 (GOOGLE)
7 7 52.6.230.110 14618 (AMAZON-AES)
3 9 2a05:d018:d29... 16509 (AMAZON-02)
2 2 52.0.248.85 14618 (AMAZON-AES)
2 2 2603:c020:400... 31898 (ORACLE-BM...)
2 38.91.45.7 398989 (DEEPINTENT)
3 3 50.31.142.191 23352 (SERVERCEN...)
5 5 208.93.169.131 46244 (WEBMD-IDC...)
2 2 3.120.19.63 16509 (AMAZON-02)
3 72.251.241.196 32475 (SINGLEHOP...)
1 1 154.59.122.79 174 (COGENT-174)
2 18.205.77.144 14618 (AMAZON-AES)
1 69.166.1.8 27630 (AS-XFERNET)
1 1 185.183.112.148 60350 (VP)
2 5 185.86.138.151 201081 (SMARTADSE...)
2 2 185.255.84.152 200271 (IGUANE-)
2 2 185.86.138.152 201081 (SMARTADSE...)
3 65.9.66.97 16509 (AMAZON-02)
1 146.75.122.109 54113 (FASTLY)
2 2 124.146.153.160 2514 (INFOSPHER...)
2 80.77.87.163 46636 (NATCOWEB)
3 3 185.184.8.90 204995 (RTB-HOUSE...)
1 63.34.143.222 16509 (AMAZON-02)
1 76.223.111.18 16509 (AMAZON-02)
10 2a00:1450:400... 15169 (GOOGLE)
4 4 69.173.144.165 26667 (RUBICONPR...)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2400:52e0:1e0... 200325 (BUNNYCDN)
1 45.133.44.3 39572 (ADVANCEDH...)
3 69.173.144.138 26667 (RUBICONPR...)
2 2606:4700:10:... 13335 (CLOUDFLAR...)
1 8.43.72.97 26667 (RUBICONPR...)
1 2600:9000:25a... 16509 (AMAZON-02)
13 2400:52e0:1e0... 200325 (BUNNYCDN)
3 185.83.69.58 55081 (24SHELLS)
2 108.138.7.113 16509 (AMAZON-02)
2 2 188.42.196.115 7979 (SERVERS-COM)
2 8.2.108.194 46636 (NATCOWEB)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
3 141.226.228.48 200478 (TABOOLA-AS)
2 2a02:fa8:8806... 41041 (VCLK-EU-SE)
2 2606:2800:134... 15133 (EDGECAST)
1 18.198.127.193 16509 (AMAZON-02)
2 2 213.155.156.164 1299 (TWELVE99 ...)
1 178.250.7.11 44788 (ASN-CRITE...)
33 185.64.190.80 62713 (AS-PUBMATIC)
3 4 54.247.118.8 16509 (AMAZON-02)
1 1 34.111.129.221 396982 (GOOGLE-CL...)
3 4 52.23.97.211 14618 (AMAZON-AES)
2 3 34.91.62.186 396982 (GOOGLE-CL...)
1 2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2 68.219.88.97 8075 (MICROSOFT...)
1 1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 130.211.23.194 15169 (GOOGLE)
1 216.58.212.166 15169 (GOOGLE)
1 178.250.7.13 44788 (ASN-CRITE...)
1 68.71.249.120 20093 (ZEROLAG)
2 2a04:4e42::300 54113 (FASTLY)
2 141.226.224.32 200478 (TABOOLA-AS)
4 4 35.214.196.82 15169 (GOOGLE)
5 10 77.243.51.121 42697 (NETIC-AS)
10 10 141.94.171.216 16276 (OVH)
6 6 18.198.126.47 16509 (AMAZON-02)
2 2 52.48.249.243 16509 (AMAZON-02)
4 2a02:fa8:8806... 41041 (VCLK-EU-SE)
4 4 64.227.64.62 14061 (DIGITALOC...)
10 10 52.210.82.246 16509 (AMAZON-02)
2 2 52.220.229.2 16509 (AMAZON-02)
2 4 2606:4700::68... 13335 (CLOUDFLAR...)
2 195.5.165.20 44968 (IPROM-AS)
2 2 34.102.163.6 396982 (GOOGLE-CL...)
2 35.186.193.173 15169 (GOOGLE)
2 2 141.94.240.143 16276 (OVH)
4 4 141.94.171.212 16276 (OVH)
2 162.55.120.196 24940 (HETZNER-AS)
2 98.98.134.242 21859 (ZEN-ECN)
2 2 34.102.253.54 396982 (GOOGLE-CL...)
2 10 185.89.211.84 29990 (ASN-APPNEX)
1 1 52.57.252.119 16509 (AMAZON-02)
1 1 141.95.32.69 16276 (OVH)
1 1 82.145.213.8 39832 (NO-OPERA)
1 52.49.58.171 16509 (AMAZON-02)
57 35.186.238.232 15169 (GOOGLE)
1 2600:9000:205... 16509 (AMAZON-02)
7 2a02:26f0:480... 20940 (AKAMAI-ASN1)
4 34.95.69.49 396982 (GOOGLE-CL...)
1 54.72.30.63 16509 (AMAZON-02)
1 5.135.209.96 16276 (OVH)
1 35.241.45.217 15169 (GOOGLE)
3 3 2a02:26f0:780... 20940 (AKAMAI-ASN1)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
5 69.192.161.76 16625 (AKAMAI-AS)
3 2a04:4e42:400... 54113 (FASTLY)
3 2a04:4e42:a00... 54113 (FASTLY)
1 34.102.243.38 396982 (GOOGLE-CL...)
9 2a02:26f0:350... 20940 (AKAMAI-ASN1)
4 185.86.138.122 201081 (SMARTADSE...)
3 23.88.17.186 24940 (HETZNER-AS)
3 8.2.108.106 46636 (NATCOWEB)
1 185.239.173.210 ()
5 184.30.24.22 ()
1 2.16.164.91 ()
4 104.122.24.29 ()
4 35.157.246.167 ()
1235 255
1    2606:4700:3037::6815:48a7 (United States)

ASN13335 (CLOUDFLARENET, US)
tinyurl.win
1    2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
39    2606:4700:20::681a:d43 (United States)

ASN13335 (CLOUDFLARENET, US)
www.casho.la
casho.la
14    2400:52e0:1e00::1079:1 (Germany)

ASN200325 (BUNNYCDN, SI)
cdn.unibotscdn.com
1    2600:9000:25a2:2e00:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.unblockia.com
2    2600:9000:2490:b200:2:aa19:6400:21 (United States)

ASN16509 (AMAZON-02, US)
d280h7aj1u7b0w.cloudfront.net
2    2400:52e0:1e00::1080:1 (Germany)

ASN200325 (BUNNYCDN, SI)
hb.vntsm.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
3    2606:4700:e0::ac40:660b (United States)

ASN13335 (CLOUDFLARENET, US)
use.fontawesome.com
4    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
13    2606:2800:234:46c:e8b:1e2f:2bd:694 (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    2a03:2880:f276:d2:face:b00c:0:43fe (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
platform.instagram.com
1    2a03:2880:f276:e8:face:b00c:0:4420 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.instagram.com
1    2.21.20.140 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-21-20-140.deploy.static.akamaitechnologies.com
www.tiktok.com
3    23.48.23.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-48-23-144.deploy.static.akamaitechnologies.com
lf16-tiktok-web.ttwstatic.com
2    2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
stats.systems
2    99.81.36.106 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-36-106.eu-west-1.compute.amazonaws.com
pixel.adsafeprotected.com
5    108.138.17.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-17-31.fra56.r.cloudfront.net
embed.sendtonews.com
2    18.165.183.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-81.zrh55.r.cloudfront.net
embedcdn.sendtonews.com
15    172.66.42.247 (United States)

ASN13335 (CLOUDFLARENET, US)
resources.infolinks.com
router.infolinks.com
rt3029.infolinks.com
7    68.71.249.118 (Toronto, Canada)

ASN20093 (ZEROLAG, US)
udmserve.net
18    2a02:6ea0:c700::18 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
ads.themoneytizer.com
2    18.66.147.48 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-147-48.fra60.r.cloudfront.net
d2na2p72vtqyok.cloudfront.net
12    141.94.202.176 (France)

ASN16276 (OVH, FR)
PTR: ns31491888.ip-141-94-202.eu
amer.hhkld.com
hhkld.com
8    34.107.214.50 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 50.214.107.34.bc.googleusercontent.com
sm1.selectmedia.asia
serv-selectmedia.com
1    2a02:26f0:480:25::1726:622b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
tg1.vidcrunch.com
2    2600:9000:25a2:1600:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
10    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
7    2600:9000:214f:1000:3:64bd:d2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
injections.mmvideocdn.com
www.oo-syringe.com
bucket1.mm-syringe.com
9    2606:4700:3030::ac43:dfab (United States)

ASN13335 (CLOUDFLARENET, US)
player.globalsun.io
7    54.38.64.100 (France)

ASN16276 (OVH, FR)
c.tmyzer.com
1    184.86.251.88 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-86-251-88.deploy.static.akamaitechnologies.com
ced.sascdn.com
11    2a02:2638:d::d (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
gum.criteo.com
27    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    145.239.193.51 (Valence, France)

ASN16276 (OVH, FR)
tag.leadplace.fr
12    51.38.120.206 (Hessen, Germany)

ASN16276 (OVH, FR)
PTR: ip206.ip-51-38-120.eu
onetag-sys.com
4    88.221.169.49 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-49.deploy.static.akamaitechnologies.com
a.teads.tv
9    2620:116:800d:21:ef75:8280:f209:5ba1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    52.208.148.0 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-148-0.eu-west-1.compute.amazonaws.com
p.cpx.to
1    65.9.7.64 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-7-64.fra56.r.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
2    2606:4700:10::ac43:2483 (United States)

ASN13335 (CLOUDFLARENET, US)
hb.vntsm.io
8    2a02:26f0:3500:2be::2c79 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
player.aniview.com
3    3.215.3.149 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-215-3-149.compute-1.amazonaws.com
track1.aniview.com
18    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
4    162.19.138.117 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: ns31533568.ip-162-19-138.eu
id5-sync.com
3    2606:4700:20::ac43:4bf1 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
27    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
7    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
fundingchoicesmessages.google.com
2    45.77.37.165 (Singapore)

ASN20473 (AS-CHOOPA, US)
PTR: 45.77.37.165.vultrusercontent.com
api-player.globalsun.io
1    104.18.10.47 (None, )

ASN13335 (CLOUDFLARENET, US)
js-sec.indexww.com
2    2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
14    18.66.97.62 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-62.fra56.r.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
24    52.222.208.154 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-208-154.fra56.r.cloudfront.net
c.amazon-adsystem.com
8    34.197.9.3 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-9-3.compute-1.amazonaws.com
s2l.sendtonews.com
5    69.16.175.10 (United States)

ASN20446 (STACKPATH-CDN, US)
PTR: hwcdn.net
feed.avplayer.com
player.avplayer.com
content1.avplayer.com
3    54.90.59.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-90-59-157.compute-1.amazonaws.com
servt.vidcrunch.com
2    2600:9000:25a2:e600:2:4149:df00:93a1 (United States)

ASN16509 (AMAZON-02, US)
vms-players.minutemediaservices.com
1    141.95.98.64 (France)

ASN16276 (OVH, FR)
PTR: ns3216658.ip-141-95-98.eu
lb.eu-1-id5-sync.com
3    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
1    2600:9000:25a2:8a00:12:abfb:9280:93a1 (United States)

ASN16509 (AMAZON-02, US)
loader.unblockia.com
2    2620:1ec:46::60 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
www.clarity.ms
4    2600:9000:25a2:b400:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    104.75.89.75 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-75-89-75.deploy.static.akamaitechnologies.com
at.teads.tv
20    185.89.210.90 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
ib.adnxs.com
secure.adnxs.com
15    15.197.193.217 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
9    2a02:2638:d::a (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
bidder.criteo.com
5    147.75.84.158 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
9    193.3.178.4 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
pbjs.e-planning.net
u-ams03.e-planning.net
9    64.202.112.127 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com
b1h.zemanta.com
sync.outbrain.com
6    2602:803:c003:200::44 (Amsterdam, Netherlands)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    185.184.10.30 (Poland)

ASN203690 (RTB-HOUSE-ASH, PL)
PTR: ip-185-184-10-30.rtbhouse.net
prebid-us.creativecdn.com
3    2606:4700::6812:272 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
13    99.81.161.232 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
ads.servenobid.com
1    62.149.23.112 (Kyiv, Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: cc86365-06.cc.colocall.com
ghb.adtelligent.com
1    3.64.52.102 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-52-102.eu-central-1.compute.amazonaws.com
bid.missena.io
3    185.255.84.151 (France)

ASN200271 (IGUANE-, FR)
hb-api.omnitagjs.com
12    54.194.114.76 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
ad.360yield.com
ice.360yield.com
7    34.149.20.76 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 76.20.149.34.bc.googleusercontent.com
ssc.33across.com
4    2600:1f13:800:7781:1be6:f1b0:79a9:85e7 (Boardman, United States)

ASN16509 (AMAZON-02, US)
dt.adsafeprotected.com
11    34.117.33.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.33.117.34.bc.googleusercontent.com
track-selectmedia.com
2    13.224.103.29 (United States)

ASN- ()
PTR: server-13-224-103-29.zrh50.r.cloudfront.net
ats.rlcdn.com
1    2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
4    18.200.218.194 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-200-218-194.eu-west-1.compute.amazonaws.com
s.cpx.to
17    142.250.186.66 (Grosse Pointe, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f2.1e100.net
cm.g.doubleclick.net
1    172.66.41.9 (United States)

ASN13335 (CLOUDFLARENET, US)
rt3029.infolinks.com
4    2600:9000:25a2:1c00:5:c4ab:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
bid.underdog.media
3    198.47.127.18 (United States)

ASN62713 (AS-PUBMATIC, US)
image8.pubmatic.com
13    185.64.191.210 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image2.pubmatic.com
8    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
simage4.pubmatic.com
15    185.80.39.216 (Canada)

ASN27381 (CASALE-MEDIA, CA)
ssum-sec.casalemedia.com
ssum.casalemedia.com
dsum-sec.casalemedia.com
12    3.71.149.231 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
3    69.166.1.12 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    8.39.36.141 (Los Angeles, United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-west.rubiconproject.com
1    44.214.13.119 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-214-13-119.compute-1.amazonaws.com
id.sv.rkdms.com
1    34.120.133.55 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 55.133.120.34.bc.googleusercontent.com
api.rlcdn.com
8    5.135.209.97 (Oignies, France)

ASN16276 (OVH, FR)
PTR: ip97.ip-5-135-209.eu
ww1097.smartadserver.com
1    18.165.183.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-14.zrh55.r.cloudfront.net
player.sendtonews.com
1    104.18.12.242 (None, )

ASN13335 (CLOUDFLARENET, US)
cdn.resonate.com
7    2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pubads.g.doubleclick.net
3    2606:4700:20::681a:346 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
1    2600:9000:25a2:3000:10:be65:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
t.unblockia.com
2    8.238.30.250 (United States)

ASN3356 (LEVEL3, US)
cdn.vidcrunch.com
1    18.165.183.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-183-122.zrh55.r.cloudfront.net
geo.privacymanager.io
1    2606:4700:20::681a:450 (United States)

ASN13335 (CLOUDFLARENET, US)
content.wazimo.com
1    13.225.83.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-83-103.fra2.r.cloudfront.net
www.datadoghq-browser-agent.com
1    2600:9000:25a2:2e00:1:96ec:5bc0:93a1 (United States)

ASN16509 (AMAZON-02, US)
content.voltaxservices.io
9    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
u.openx.net
underdogmedia-d.openx.net
us-u.openx.net
insticator-d.openx.net
venatusmedia-d.openx.net
6    2a00:1450:4001:806::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
securepubads.g.doubleclick.net
6    2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:20eb:ea00:19:4ac0:c3c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
cdn.mmctsvc.com
10    23.209.22.22 (Vienna, Austria)

ASN16625 (AKAMAI-AS, US)
PTR: a23-209-22-22.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
2    54.211.96.115 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-211-96-115.compute-1.amazonaws.com
go1.aniview.com
serv.vidcrunch.com
25    151.101.193.44 (United States)

ASN54113 (FASTLY, US)
cdn.taboola.com
trc.taboola.com
images.taboola.com
1    63.35.76.22 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-76-22.eu-west-1.compute.amazonaws.com
adtrack.adleadevent.com
2    2a02:2638:3::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
static.criteo.net
12    69.173.144.137 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
prebid-server.rubiconproject.com
1    185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
1    104.18.25.185 (None, )

ASN13335 (CLOUDFLARENET, US)
htlb.casalemedia.com
2    46.228.174.115 (United Kingdom)

ASN56396 (AMOBEE, GB)
targeting.unrulymedia.com
1    35.156.39.179 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-156-39-179.eu-central-1.compute.amazonaws.com
tlx.3lift.com
1    13.224.103.113 (United States)

ASN- ()
PTR: server-13-224-103-113.zrh50.r.cloudfront.net
hb.undertone.com
16    18.165.191.236 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-191-236.zrh55.r.cloudfront.net
aax.amazon-adsystem.com
2    2600:9000:214f:2000:3:64bd:d2c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
www.oo-syringe.com
5    2600:9000:2190:8c00:9:46dc:4700:93a1 (United States)

ASN- ()
cmp.quantcast.com
1    2606:4700:20::ac43:4728 (United States)

ASN13335 (CLOUDFLARENET, US)
bqstreamer.com
1    2600:9000:25a2:d800:1a:7b6f:2940:93a1 (United States)

ASN16509 (AMAZON-02, US)
factor-service.prod.voltaxservices.io
7    2a02:26f0:3500:3::b818:4d30 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
ced-ns.sascdn.com
4    2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)
region1.google-analytics.com
7    2a02:6ea0:c700::19 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
cdn.globalsun.io
10    23.32.184.192 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-32-184-192.deploy.static.akamaitechnologies.com
ads.pubmatic.com
1    2606:4700:10::ac43:2954 (United States)

ASN13335 (CLOUDFLARENET, US)
ex.ingage.tech
7    23.201.255.110 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-201-255-110.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
22    88.221.169.246 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a88-221-169-246.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
5    216.52.2.86 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ap.lijit.com
1    34.230.93.188 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-230-93-188.compute-1.amazonaws.com
s2s.aniview.com
2    23.212.89.194 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-89-194.deploy.static.akamaitechnologies.com
video-ads.rubiconproject.com
4    45.133.44.4 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.hb.selectmedia.asia
1    172.105.43.230 (Mumbai, India)

ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG)
PTR: 172-105-43-230.ip.linodeusercontent.com
newsbot.unibots.in
2    52.206.242.72 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-206-242-72.compute-1.amazonaws.com
powerad.ai
5    20.231.53.73 (Tappahannock, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
q.clarity.ms
6    67.202.105.21 (United States)

ASN32748 (STEADFAST, US)
PTR: ip21.67-202-105.static.steadfastdns.net
ssc-cms.33across.com
7    69.192.160.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-160-186.deploy.static.akamaitechnologies.com
acdn.adnxs.com
acdn.adnxs-simple.com
cdn.adnxs.com
2    193.3.178.3 (United States)

ASN399668 (E-PLANNING-, US)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
sync.e-planning.net
1    67.202.105.33 (United States)

ASN32748 (STEADFAST, US)
PTR: ip33.67-202-105.static.steadfastdns.net
ic.tynt.com
1    18.66.112.120 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-120.fra56.r.cloudfront.net
public.servenobid.com
1    23.227.151.202 (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.adtelligent.com
7    172.67.10.198 (United States)

ASN13335 (CLOUDFLARENET, US)
csync.smilewanted.com
static.smilewanted.com
15    37.157.3.20 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
dmp.adform.net
c1.adform.net
adx.adform.net
9    18.198.80.207 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
sync.missena.io
5    23.227.139.243 (Piscataway, United States)

ASN55081 (24SHELLS, US)
sync.adtelligent.com
1    98.98.134.241 (United States)

ASN21859 (ZEN-ECN, US)
pixel.sitescout.com
2    8.2.110.24 (United States)

ASN46636 (NATCOWEB, US)
sync.admanmedia.com
2    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    193.3.178.2 (United States)

ASN399668 (E-PLANNING-, US)
PTR: s.e-planning.net
s.e-planning.net
2    44.195.175.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-175-110.compute-1.amazonaws.com
ssp.disqus.com
1    34.195.119.133 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-195-119-133.compute-1.amazonaws.com
cookies.nextmillmedia.com
18    18.184.249.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    54.77.46.237 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-46-237.eu-west-1.compute.amazonaws.com
g2.gumgum.com
3    185.86.138.155 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
1    2600:9000:223f:e800:1f:4c18:bd40:93a1 (United States)

ASN16509 (AMAZON-02, US)
cs-rtb.minutemedia-prebid.com
1    77.245.57.72 (United States)

ASN36057 (WEBAIR-INTERNET-MTL, US)
sync.adkernel.com
1    34.194.30.69 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-194-30-69.compute-1.amazonaws.com
cs-server-s2s.yellowblue.io
2    216.52.2.16 (United States)

ASN32475 (SINGLEHOP-LLC, US)
ce.lijit.com
7    46.228.174.117 (United Kingdom)

ASN56396 (AMOBEE, GB)
sync.1rx.io
sync.targeting.unrulymedia.com
7    46.228.164.11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
5    193.0.160.131 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    18.193.126.37 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-193-126-37.eu-central-1.compute.amazonaws.com
match.sharethrough.com
2    23.212.88.20 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-88-20.deploy.static.akamaitechnologies.com
hbx.media.net
hblg.media.net
1    205.234.175.175 (United States)

ASN23352 (SERVERCENTRAL, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
1    2600:9000:25a2:fa00:1a:eb05:4900:93a1 (United States)

ASN16509 (AMAZON-02, US)
drm.mmvideosvc.com
3    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
3    2606:4700:10::ac43:266a (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.id5-sync.com
3    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    2600:1f18:6593:f600:4cde:8aa:915a:85c4 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
11    198.47.127.19 (United States)

ASN3257 (GTT-BACKBONE GTT, US)
image6.pubmatic.com
1    2a05:d018:24:b001:fe02:48a4:8f13:7b81 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
2    52.31.139.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-139-111.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    34.254.143.3 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
loadeu.exelator.com
1    151.1.205.165 (Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
6    85.114.159.93 (Bad Durrheim, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    34.111.131.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.131.111.34.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    185.15.245.83 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
3    108.128.97.117 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-108-128-97-117.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.158.157.188 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-157-188.eu-central-1.compute.amazonaws.com
aa.agkn.com
1    34.160.236.64 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 64.236.160.34.bc.googleusercontent.com
odr.mookie1.com
2    52.31.154.19 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-154-19.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    162.55.233.28 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.28.233.55.162.clients.your-server.de
sync.richaudience.com
8    151.101.66.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    44.215.235.22 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-235-22.compute-1.amazonaws.com
usermatch.krxd.net
4    52.94.222.140 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
2    2.23.197.190 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-23-197-190.deploy.static.akamaitechnologies.com
tags.bluekai.com
stags.bluekai.com
1    34.242.166.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-242-166-215.eu-west-1.compute.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
6    69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    95.101.54.123 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-101-54-123.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    34.95.81.168 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 168.81.95.34.bc.googleusercontent.com
euexchangesync.digitaleast.mobi
1    2606:4700:20::681a:bd1 (United States)

ASN13335 (CLOUDFLARENET, US)
ad4m.at
28    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
1    35.210.239.72 (Brussels, Belgium)

ASN15169 (GOOGLE, US)
PTR: 72.239.210.35.bc.googleusercontent.com
u.ipw.metadsp.co.uk
7    52.6.230.110 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-230-110.compute-1.amazonaws.com
sync.srv.stackadapt.com
9    2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    52.0.248.85 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-0-248-85.compute-1.amazonaws.com
sync.ipredictive.com
2    2603:c020:400d:3000:7130:bb0b:d7e:bee2 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    38.91.45.7 (United States)

ASN398989 (DEEPINTENT, US)
match.deepintent.com
3    50.31.142.191 (Plainfield, United States)

ASN23352 (SERVERCENTRAL, US)
PTR: chi.outbrain.com
b1sync.zemanta.com
5    208.93.169.131 (United States)

ASN46244 (WEBMD-IDC1-AS, US)
bh.contextweb.com
2    3.120.19.63 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-120-19-63.eu-central-1.compute.amazonaws.com
pm.w55c.net
3    72.251.241.196 (Amsterdam, Netherlands)

ASN32475 (SINGLEHOP-LLC, US)
cm.adgrx.com
1    154.59.122.79 (United States)

ASN174 (COGENT-174, US)
ums.acuityplatform.com
2    18.205.77.144 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-205-77-144.compute-1.amazonaws.com
event.insticator.com
1    69.166.1.8 (United States)

ASN27630 (AS-XFERNET, US)
apex.go.sonobi.com
1    185.183.112.148 (Meaux, France)

ASN60350 (VP, FR)
sync.adotmob.com
5    185.86.138.151 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
2    185.255.84.152 (France)

ASN200271 (IGUANE-, FR)
visitor.omnitagjs.com
2    185.86.138.152 (France)

ASN201081 (SMARTADSERVER, FR)
sync.smartadserver.com
3    65.9.66.97 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-66-97.fra56.r.cloudfront.net
tags.crwdcntrl.net
1    146.75.122.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.vimeocdn.com
2    124.146.153.160 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    80.77.87.163 (Clifton, United States)

ASN46636 (NATCOWEB, US)
cs.admanmedia.com
3    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    63.34.143.222 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-143-222.eu-west-1.compute.amazonaws.com
rtb.gumgum.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
10    2a00:1450:4008:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
csi.gstatic.com
4    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2400:52e0:1e00::1047:1 (Germany)

ASN200325 (BUNNYCDN, SI)
unibots.b-cdn.net
1    45.133.44.3 (Philadelphia, United States)

ASN39572 (ADVANCEDHOSTERS-AS, NL)
player.adtelligent.com
3    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel-eu.rubiconproject.com
2    2606:4700:10::ac43:17ea (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
1    8.43.72.97 (United States)

ASN26667 (RUBICONPROJECT, US)
pixel-us-east.rubiconproject.com
1    2600:9000:25a2:ba00:3:a4cd:8380:93a1 (United States)

ASN16509 (AMAZON-02, US)
test.cmp.quantcast.com
13    2400:52e0:1e00::1053:1 (Germany)

ASN200325 (BUNNYCDN, SI)
stream.unibotscdn.com
3    185.83.69.58 (Cricklewood, United Kingdom)

ASN55081 (24SHELLS, US)
ghb.hb.selectmedia.asia
2    108.138.7.113 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-7-113.fra56.r.cloudfront.net
sb.scorecardresearch.com
2    188.42.196.115 (Luxembourg)

ASN7979 (SERVERS-COM, US)
ads.betweendigital.com
2    8.2.108.194 (United States)

ASN46636 (NATCOWEB, US)
us.ck-ie.com
1    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
a.ad.gt
3    141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)
am-trc-events.taboola.com
2    2a02:fa8:8806:13::1460 (Singapore)

ASN41041 (VCLK-EU-SE, US)
proc.ad.cpe.dotomi.com
2    2606:2800:134:fa2:1627:1fe:edb:1665 (United States)

ASN15133 (EDGECAST, US)
cdn.syndication.twimg.com
pbs.twimg.com
1    18.198.127.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-127-193.eu-central-1.compute.amazonaws.com
audit-tcfv2.cmp.quantcast.com
2    213.155.156.164 (Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
d5p.de17a.com
1    178.250.7.11 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
33    185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
4    54.247.118.8 (Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-247-118-8.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    34.111.129.221 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 221.129.111.34.bc.googleusercontent.com
cr.frontend.weborama.fr
4    52.23.97.211 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-23-97-211.compute-1.amazonaws.com
a.audrte.com
3    34.91.62.186 (Groningen, Netherlands)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 186.62.91.34.bc.googleusercontent.com
um.simpli.fi
2    2606:4700:20::681a:78b (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
2    68.219.88.97 (Dublin, Ireland)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.clarity.ms
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    130.211.23.194 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
1    216.58.212.166 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f6.1e100.net
ad.doubleclick.net
1    178.250.7.13 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
mug.criteo.com
1    68.71.249.120 (Toronto, Canada)

ASN20093 (ZEROLAG, US)
PTR: underdogmedia.com
edge.udmserve.net
2    2a04:4e42::300 (United States)

ASN54113 (FASTLY, US)
pips.taboola.com
2    141.226.224.32 (United States)

ASN200478 (TABOOLA-AS, IL)
cds.taboola.com
4    35.214.196.82 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 82.196.214.35.bc.googleusercontent.com
csync.loopme.me
10    77.243.51.121 (Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
10    141.94.171.216 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-10.cloudy.ovh
pixel.onaudience.com
6    18.198.126.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-126-47.eu-central-1.compute.amazonaws.com
loada.exelator.com
2    52.48.249.243 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-249-243.eu-west-1.compute.amazonaws.com
ads.avct.cloud
4    2a02:fa8:8806:20::2010 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
4    64.227.64.62 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
10    52.210.82.246 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-82-246.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
2    52.220.229.2 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-220-229-2.ap-southeast-1.compute.amazonaws.com
cm-supply-web.gammaplatform.com
4    2606:4700::6812:19ad (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
2    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
2    34.102.163.6 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
2    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
ipac.ctnsnet.com
2    141.94.240.143 (France)

ASN16276 (OVH, FR)
PTR: bixel-9.cloudy.ovh
green.erne.co
4    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel-eu.onaudience.com
2    162.55.120.196 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.196.120.55.162.clients.your-server.de
matching.truffle.bid
2    98.98.134.242 (United States)

ASN21859 (ZEN-ECN, US)
pixel-sync.sitescout.com
2    34.102.253.54 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
10    185.89.211.84 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
secure.adnxs.com
ib.adnxs.com
ams3-ib.adnxs.com
1    52.57.252.119 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-252-119.eu-central-1.compute.amazonaws.com
sonata-notifications.taptapnetworks.com
1    141.95.32.69 (Frankfurt am Main, Germany)

ASN16276 (OVH, FR)
PTR: haproxy-eu-004.roqad.pl
ws.rqtrk.eu
1    82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology
t.adx.opera.com
1    52.49.58.171 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-58-171.eu-west-1.compute.amazonaws.com
id.crwdcntrl.net
57    35.186.238.232 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 232.238.186.35.bc.googleusercontent.com
ads.viralize.tv
1    2600:9000:2057:fe00:0:1651:6140:21 (United States)

ASN16509 (AMAZON-02, US)
d1oykxszdrgjgl.cloudfront.net
7    2a02:26f0:480:f::213:7ed1 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
monetize-static.viralize.tv
4    34.95.69.49 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 49.69.95.34.bc.googleusercontent.com
i.clean.gg
1    54.72.30.63 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-30-63.eu-west-1.compute.amazonaws.com
track.venatusmedia.com
1    5.135.209.96 (Oignies, France)

ASN16276 (OVH, FR)
PTR: ip96.ip-5-135-209.eu
www8.smartadserver.com
1    35.241.45.217 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 217.45.241.35.bc.googleusercontent.com
pghub.io
3    2a02:26f0:780::5f65:3678 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync-global.smartadserver.com
9    2a02:26f0:3500:3::b818:4d3d (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync-eu.smartadserver.com
5    69.192.161.76 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-161-76.deploy.static.akamaitechnologies.com
ad.yieldlab.net
3    2a04:4e42:400::729 (United States)

ASN54113 (FASTLY, US)
cdn.ravenjs.com
3    2a04:4e42:a00::282 (United States)

ASN54113 (FASTLY, US)
polyfill.io
1    34.102.243.38 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 38.243.102.34.bc.googleusercontent.com
feed.pghub.io
9    2a02:26f0:3500:3::b818:4d48 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
csync.smartadserver.com
4    185.86.138.122 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
3    23.88.17.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.17.88.23.clients.your-server.de
shb.richaudience.com
3    8.2.108.106 (United States)

ASN46636 (NATCOWEB, US)
service.bidlab.ai
1    185.239.173.210 (None, )

ASN- ()
ghb1.adtelligent.com
5    184.30.24.22 (None, )

ASN- ()
contextual.media.net
1    2.16.164.91 (None, )

ASN- ()
qsearch-a.akamaihd.net
4    104.122.24.29 (None, )

ASN- ()
warp.media.net
lg3.media.net
4    35.157.246.167 (None, )

ASN- ()
c2shb.ssp.yahoo.com
Apex Domain
Subdomains		 Transfer
79 pubmatic.com
image8.pubmatic.com — Cisco Umbrella Rank: 713
image2.pubmatic.com — Cisco Umbrella Rank: 1030
image4.pubmatic.com — Cisco Umbrella Rank: 1270
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 603
ads.pubmatic.com — Cisco Umbrella Rank: 574
image6.pubmatic.com — Cisco Umbrella Rank: 813
simage2.pubmatic.com — Cisco Umbrella Rank: 793
simage4.pubmatic.com — Cisco Umbrella Rank: 1315
233 KB
64 viralize.tv
ads.viralize.tv — Cisco Umbrella Rank: 17372
monetize-static.viralize.tv — Cisco Umbrella Rank: 17010
814 KB
64 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 584
pixel-us-west.rubiconproject.com — Cisco Umbrella Rank: 5788
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 1012
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1189
eus.rubiconproject.com — Cisco Umbrella Rank: 622
video-ads.rubiconproject.com — Cisco Umbrella Rank: 5189
pixel.rubiconproject.com — Cisco Umbrella Rank: 393
token.rubiconproject.com — Cisco Umbrella Rank: 648
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2500
pixel-us-east.rubiconproject.com — Cisco Umbrella Rank: 1250
157 KB
48 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 380
aax.amazon-adsystem.com — Cisco Umbrella Rank: 457
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1114
s.amazon-adsystem.com — Cisco Umbrella Rank: 325
529 KB
44 smartadserver.com
ww1097.smartadserver.com — Cisco Umbrella Rank: 41580
ssbsync.smartadserver.com — Cisco Umbrella Rank: 862
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 721
sync.smartadserver.com — Cisco Umbrella Rank: 1464
www8.smartadserver.com — Cisco Umbrella Rank: 6195
csync-global.smartadserver.com — Cisco Umbrella Rank: 4927
csync-eu.smartadserver.com — Cisco Umbrella Rank: 16724
csync.smartadserver.com — Cisco Umbrella Rank: 3363
prg.smartadserver.com — Cisco Umbrella Rank: 1550
137 KB
39 casho.la
www.casho.la
casho.la
181 KB
36 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 265
secure.adnxs.com — Cisco Umbrella Rank: 414
acdn.adnxs.com — Cisco Umbrella Rank: 594
cdn.adnxs.com
ams3-ib.adnxs.com
143 KB
32 taboola.com
cdn.taboola.com — Cisco Umbrella Rank: 926
trc.taboola.com — Cisco Umbrella Rank: 672
am-trc-events.taboola.com — Cisco Umbrella Rank: 13151
images.taboola.com — Cisco Umbrella Rank: 1776
pips.taboola.com — Cisco Umbrella Rank: 1641
cds.taboola.com — Cisco Umbrella Rank: 1872
1 MB
30 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1771
usersync.gumgum.com — Cisco Umbrella Rank: 2172
rtb.gumgum.com — Cisco Umbrella Rank: 1669
10 KB
30 doubleclick.net
cm.g.doubleclick.net — Cisco Umbrella Rank: 244
pubads.g.doubleclick.net — Cisco Umbrella Rank: 434
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 212
stats.g.doubleclick.net — Cisco Umbrella Rank: 115
ad.doubleclick.net — Cisco Umbrella Rank: 196
316 KB
27 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 135
199 KB
27 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 3667
mwzeom.zeotap.com — Cisco Umbrella Rank: 3213
29 KB
27 unibotscdn.com
cdn.unibotscdn.com — Cisco Umbrella Rank: 30819
stream.unibotscdn.com — Cisco Umbrella Rank: 43561
4 MB
26 yahoo.com
ups.analytics.yahoo.com — Cisco Umbrella Rank: 329
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1522
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 491
c2shb.ssp.yahoo.com
8 KB
24 googleapis.com
ajax.googleapis.com — Cisco Umbrella Rank: 406
fonts.googleapis.com — Cisco Umbrella Rank: 77
imasdk.googleapis.com — Cisco Umbrella Rank: 526
3 MB
22 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 431
bidder.criteo.com — Cisco Umbrella Rank: 750
dis.criteo.com — Cisco Umbrella Rank: 664
mug.criteo.com — Cisco Umbrella Rank: 2526
11 KB
20 gstatic.com
fonts.gstatic.com
csi.gstatic.com
308 KB
20 cloudfront.net
d280h7aj1u7b0w.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d1oykxszdrgjgl.cloudfront.net
3 MB
18 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 360
4 KB
18 globalsun.io
player.globalsun.io — Cisco Umbrella Rank: 280038
api-player.globalsun.io — Cisco Umbrella Rank: 284230
cdn.globalsun.io — Cisco Umbrella Rank: 336673
5 MB
18 themoneytizer.com
ads.themoneytizer.com — Cisco Umbrella Rank: 38716
270 KB
16 casalemedia.com
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 486
as-sec.casalemedia.com Failed
htlb.casalemedia.com — Cisco Umbrella Rank: 676
ssum.casalemedia.com — Cisco Umbrella Rank: 1425
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 633
13 KB
16 infolinks.com
resources.infolinks.com — Cisco Umbrella Rank: 6627
router.infolinks.com — Cisco Umbrella Rank: 3128
rt3029.infolinks.com — Cisco Umbrella Rank: 63221
319 KB
16 sendtonews.com
embed.sendtonews.com — Cisco Umbrella Rank: 12539
embedcdn.sendtonews.com — Cisco Umbrella Rank: 14159
s2l.sendtonews.com — Cisco Umbrella Rank: 12502
player.sendtonews.com — Cisco Umbrella Rank: 13303
374 KB
16 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 1003
syndication.twitter.com — Cisco Umbrella Rank: 1212
458 KB
15 adform.net
cm.adform.net — Cisco Umbrella Rank: 1298
dmp.adform.net — Cisco Umbrella Rank: 3604
c1.adform.net — Cisco Umbrella Rank: 631
adx.adform.net — Cisco Umbrella Rank: 4315
8 KB
15 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 385
4 KB
14 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3485
pixel-eu.onaudience.com — Cisco Umbrella Rank: 17402
7 KB
14 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2860
public.servenobid.com — Cisco Umbrella Rank: 4852
9 KB
13 33across.com
ssc.33across.com — Cisco Umbrella Rank: 4567
ssc-cms.33across.com — Cisco Umbrella Rank: 1218
lexicon.33across.com Failed
1 KB
13 e-planning.net
pbjs.e-planning.net — Cisco Umbrella Rank: 6817
ads.us.e-planning.net — Cisco Umbrella Rank: 2619
s.e-planning.net — Cisco Umbrella Rank: 6807
u-ams03.e-planning.net — Cisco Umbrella Rank: 34239
i.e-planning.net — Cisco Umbrella Rank: 5911
sync.e-planning.net — Cisco Umbrella Rank: 5444
7 KB
13 aniview.com
player.aniview.com — Cisco Umbrella Rank: 1749
track1.aniview.com — Cisco Umbrella Rank: 1832
go1.aniview.com — Cisco Umbrella Rank: 6076
s2s.aniview.com — Cisco Umbrella Rank: 3422
429 KB
12 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 696
ice.360yield.com — Cisco Umbrella Rank: 2563
3 KB
12 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 807
1 KB
12 hhkld.com
amer.hhkld.com — Cisco Umbrella Rank: 108868
hhkld.com — Cisco Umbrella Rank: 60926
103 KB
11 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 904
tags.crwdcntrl.net — Cisco Umbrella Rank: 1044
sync.crwdcntrl.net — Cisco Umbrella Rank: 889
id.crwdcntrl.net — Cisco Umbrella Rank: 2986
33 KB
11 media.net
hbx.media.net — Cisco Umbrella Rank: 1346
contextual.media.net
warp.media.net
lg3.media.net
hblg.media.net
121 KB
11 openx.net
u.openx.net — Cisco Umbrella Rank: 752
underdogmedia-d.openx.net — Cisco Umbrella Rank: 25838
rtb.openx.net — Cisco Umbrella Rank: 830
us-u.openx.net — Cisco Umbrella Rank: 496
insticator-d.openx.net — Cisco Umbrella Rank: 20835
venatusmedia-d.openx.net
2 KB
11 track-selectmedia.com
track-selectmedia.com — Cisco Umbrella Rank: 28162
576 B
10 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 625
6 KB
10 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1313
6 KB
10 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1399
230 KB
10 missena.io
bid.missena.io — Cisco Umbrella Rank: 67933
sync.missena.io — Cisco Umbrella Rank: 86007
13 KB
10 selectmedia.asia
sm1.selectmedia.asia — Cisco Umbrella Rank: 30271
player.hb.selectmedia.asia — Cisco Umbrella Rank: 29487
ghb.hb.selectmedia.asia — Cisco Umbrella Rank: 31979
374 KB
9 adtelligent.com
ghb.adtelligent.com — Cisco Umbrella Rank: 6092
s.adtelligent.com — Cisco Umbrella Rank: 6715
sync.adtelligent.com — Cisco Umbrella Rank: 3097
player.adtelligent.com — Cisco Umbrella Rank: 6632
ghb1.adtelligent.com
18 KB
9 clarity.ms
www.clarity.ms — Cisco Umbrella Rank: 996
q.clarity.ms — Cisco Umbrella Rank: 8469
c.clarity.ms — Cisco Umbrella Rank: 1583
27 KB
9 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 55
region1.google-analytics.com — Cisco Umbrella Rank: 1869
42 KB
9 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1256
pixel.quantserve.com — Cisco Umbrella Rank: 995
cms.quantserve.com — Cisco Umbrella Rank: 878
21 KB
8 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 775
2 KB
8 sascdn.com
ced.sascdn.com — Cisco Umbrella Rank: 10438
ced-ns.sascdn.com — Cisco Umbrella Rank: 2853
59 KB
8 udmserve.net
udmserve.net — Cisco Umbrella Rank: 3613
edge.udmserve.net — Cisco Umbrella Rank: 28874
11 KB
8 adsafeprotected.com
pixel.adsafeprotected.com — Cisco Umbrella Rank: 774
static.adsafeprotected.com — Cisco Umbrella Rank: 663
dt.adsafeprotected.com — Cisco Umbrella Rank: 598
101 KB
7 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 810
3 KB
7 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 2136
shb.richaudience.com — Cisco Umbrella Rank: 3393
2 KB
7 exelator.com
loadeu.exelator.com — Cisco Umbrella Rank: 8830
loada.exelator.com — Cisco Umbrella Rank: 26482
6 KB
7 turn.com
ad.turn.com — Cisco Umbrella Rank: 987
3 KB
7 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 766
ce.lijit.com — Cisco Umbrella Rank: 1045
2 KB
7 quantcast.com
cmp.quantcast.com — Cisco Umbrella Rank: 3361
test.cmp.quantcast.com — Cisco Umbrella Rank: 11113
audit-tcfv2.cmp.quantcast.com — Cisco Umbrella Rank: 12494
186 KB
7 oo-syringe.com
www.oo-syringe.com — Cisco Umbrella Rank: 27087
229 KB
7 smilewanted.com
prebid.smilewanted.com Failed
csync.smilewanted.com — Cisco Umbrella Rank: 3381
static.smilewanted.com — Cisco Umbrella Rank: 11501
16 KB
7 id5-sync.com
id5-sync.com — Cisco Umbrella Rank: 440
cdn.id5-sync.com — Cisco Umbrella Rank: 874
79 KB
7 tmyzer.com
c.tmyzer.com — Cisco Umbrella Rank: 34928
2 KB
7 vidcrunch.com
tg1.vidcrunch.com — Cisco Umbrella Rank: 75266
servt.vidcrunch.com — Cisco Umbrella Rank: 79057
cdn.vidcrunch.com — Cisco Umbrella Rank: 84741
serv.vidcrunch.com — Cisco Umbrella Rank: 90926
5 MB
6 dotomi.com
proc.ad.cpe.dotomi.com — Cisco Umbrella Rank: 3635
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 4289
1 KB
6 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 798
2 KB
6 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1779
3 KB
6 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 613
3 KB
6 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 73
416 KB
6 creativecdn.com
prebid-us.creativecdn.com — Cisco Umbrella Rank: 24361
creativecdn.com — Cisco Umbrella Rank: 551
1 KB
6 zemanta.com
b1h.zemanta.com — Cisco Umbrella Rank: 7214
b1sync.zemanta.com — Cisco Umbrella Rank: 573
2 KB
6 4dex.io
script.4dex.io — Cisco Umbrella Rank: 1605
mp.4dex.io — Cisco Umbrella Rank: 3003
27 KB
5 yieldlab.net
ad.yieldlab.net — Cisco Umbrella Rank: 4417
3 KB
5 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 570
3 KB
5 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 892
4 KB
5 serv-selectmedia.com
serv-selectmedia.com — Cisco Umbrella Rank: 31147
402 KB
5 omnitagjs.com
hb-api.omnitagjs.com — Cisco Umbrella Rank: 4116
visitor.omnitagjs.com — Cisco Umbrella Rank: 1055
3 KB
5 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1040
781 B
5 avplayer.com
feed.avplayer.com — Cisco Umbrella Rank: 19760
player.avplayer.com — Cisco Umbrella Rank: 14543
content1.avplayer.com — Cisco Umbrella Rank: 21333
310 KB
5 cpx.to
p.cpx.to — Cisco Umbrella Rank: 11823
s.cpx.to — Cisco Umbrella Rank: 8140
3 KB
5 teads.tv
a.teads.tv — Cisco Umbrella Rank: 1558
at.teads.tv — Cisco Umbrella Rank: 4677
5 KB
5 google.com
www.google.com — Cisco Umbrella Rank: 3
adservice.google.com — Cisco Umbrella Rank: 121
fundingchoicesmessages.google.com — Cisco Umbrella Rank: 1724
121 KB
4 clean.gg
i.clean.gg — Cisco Umbrella Rank: 1335
119 B
4 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 845
s.tribalfusion.com — Cisco Umbrella Rank: 2074
2 KB
4 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 3017
2 KB
4 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 1078
804 B
4 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2942
3 KB
4 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23281
cr.frontend.weborama.fr — Cisco Umbrella Rank: 23029
1 KB
4 admanmedia.com
sync.admanmedia.com — Cisco Umbrella Rank: 5594
cs.admanmedia.com — Cisco Umbrella Rank: 1002
40 B
4 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1140
apex.go.sonobi.com — Cisco Umbrella Rank: 2560
2 KB
4 underdog.media
bid.underdog.media — Cisco Umbrella Rank: 18769
196 KB
4 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1197
3 KB
3 bidlab.ai
service.bidlab.ai — Cisco Umbrella Rank: 73782
885 B
3 polyfill.io
polyfill.io — Cisco Umbrella Rank: 1534
1 KB
3 ravenjs.com
cdn.ravenjs.com — Cisco Umbrella Rank: 8576
29 KB
3 btloader.com
btloader.com — Cisco Umbrella Rank: 1057
api.btloader.com — Cisco Umbrella Rank: 1146
7 KB
3 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 836
2 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 2264
a.ad.gt — Cisco Umbrella Rank: 2963
4 KB
3 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1628
848 B
3 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 579
2 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 632
usermatch.krxd.net — Cisco Umbrella Rank: 1440
935 B
3 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 514
1 KB
3 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 2405
29 KB
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 3685
pixel-sync.sitescout.com — Cisco Umbrella Rank: 769
561 B
3 unrulymedia.com
targeting.unrulymedia.com — Cisco Umbrella Rank: 871
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1386
625 B
3 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 1167
2 KB
3 rlcdn.com
ats.rlcdn.com — Cisco Umbrella Rank: 2739
api.rlcdn.com — Cisco Umbrella Rank: 1075
155 KB
3 ttwstatic.com
lf16-tiktok-web.ttwstatic.com — Cisco Umbrella Rank: 16072
23 KB
3 fontawesome.com
use.fontawesome.com — Cisco Umbrella Rank: 1165
153 KB
3 unblockia.com
cdn.unblockia.com — Cisco Umbrella Rank: 13361
loader.unblockia.com — Cisco Umbrella Rank: 14006
t.unblockia.com — Cisco Umbrella Rank: 12468
40 KB
2 pghub.io
pghub.io — Cisco Umbrella Rank: 2124
feed.pghub.io — Cisco Umbrella Rank: 2369
6 KB
2 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4919
682 B
2 truffle.bid
matching.truffle.bid — Cisco Umbrella Rank: 8116
2 erne.co
green.erne.co — Cisco Umbrella Rank: 28925
824 B
2 ctnsnet.com
ipac.ctnsnet.com — Cisco Umbrella Rank: 6550
571 B
2 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 3850
352 B
2 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6953
557 B
2 gammaplatform.com
cm-supply-web.gammaplatform.com — Cisco Umbrella Rank: 3532
1 KB
2 avct.cloud
ads.avct.cloud — Cisco Umbrella Rank: 5115
1 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5239
562 B
2 twimg.com
cdn.syndication.twimg.com — Cisco Umbrella Rank: 2903
pbs.twimg.com — Cisco Umbrella Rank: 1023
4 KB
2 ck-ie.com
us.ck-ie.com — Cisco Umbrella Rank: 3464
2 betweendigital.com
ads.betweendigital.com — Cisco Umbrella Rank: 1762
1 KB
2 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 156
600 B
2 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1141
1 KB
2 insticator.com
event.insticator.com — Cisco Umbrella Rank: 18328
118 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1047
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1179
83 B
2 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1536
716 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1112
930 B
2 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 670
stags.bluekai.com — Cisco Umbrella Rank: 621
914 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 215
2 KB
2 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 590
35 B
2 disqus.com
ssp.disqus.com — Cisco Umbrella Rank: 1474
571 B
2 powerad.ai
powerad.ai — Cisco Umbrella Rank: 20282
11 KB
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 667
eb2.3lift.com — Cisco Umbrella Rank: 429
681 B
2 criteo.net
static.criteo.net — Cisco Umbrella Rank: 623
60 KB
2 voltaxservices.io
content.voltaxservices.io — Cisco Umbrella Rank: 20172
factor-service.prod.voltaxservices.io — Cisco Umbrella Rank: 19915
29 KB
2 minutemediaservices.com
vms-players.minutemediaservices.com — Cisco Umbrella Rank: 20013
439 KB
2 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 257
25 KB
2 vntsm.io
hb.vntsm.io — Cisco Umbrella Rank: 40276
958 B
2 leadplace.fr
tag.leadplace.fr — Cisco Umbrella Rank: 40405
6 KB
2 stats.systems
stats.systems — Cisco Umbrella Rank: 487361
8 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 170
89 KB
2 instagram.com
platform.instagram.com — Cisco Umbrella Rank: 8348
www.instagram.com — Cisco Umbrella Rank: 1519
20 KB
2 vntsm.com
hb.vntsm.com — Cisco Umbrella Rank: 35964
301 KB
1 akamaihd.net
qsearch-a.akamaihd.net
296 B
1 adnxs-simple.com
acdn.adnxs-simple.com
ib.adnxs-simple.com Failed
44 KB
1 venatusmedia.com
track.venatusmedia.com — Cisco Umbrella Rank: 29948
163 B
1 rqtrk.eu
ws.rqtrk.eu — Cisco Umbrella Rank: 3704
352 B
1 taptapnetworks.com
sonata-notifications.taptapnetworks.com — Cisco Umbrella Rank: 8478
345 B
1 opera.com
t.adx.opera.com — Cisco Umbrella Rank: 2159 Failed
554 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 224
764 B
1 b-cdn.net
unibots.b-cdn.net — Cisco Umbrella Rank: 46989
1 KB
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 391
864 B
1 vimeocdn.com
i.vimeocdn.com — Cisco Umbrella Rank: 3317
81 KB
1 adotmob.com
sync.adotmob.com — Cisco Umbrella Rank: 1680
712 B
1 acuityplatform.com
ums.acuityplatform.com — Cisco Umbrella Rank: 1535
637 B
1 metadsp.co.uk
u.ipw.metadsp.co.uk — Cisco Umbrella Rank: 6341
237 B
1 ad4m.at
ad4m.at — Cisco Umbrella Rank: 10323
1 digitaleast.mobi
euexchangesync.digitaleast.mobi — Cisco Umbrella Rank: 24957
269 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 11025
215 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1360
213 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 541
532 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19848
84 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 97745
659 B
1 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1999
67 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 11129
411 B
1 mmvideosvc.com
drm.mmvideosvc.com — Cisco Umbrella Rank: 256962
325 B
1 mm-syringe.com
bucket1.mm-syringe.com — Cisco Umbrella Rank: 38563
43 KB
1 yellowblue.io
cs-server-s2s.yellowblue.io — Cisco Umbrella Rank: 2513
370 B
1 adkernel.com
sync.adkernel.com — Cisco Umbrella Rank: 1695
160 B
1 minutemedia-prebid.com
cs-rtb.minutemedia-prebid.com — Cisco Umbrella Rank: 4706
527 B
1 nextmillmedia.com
cookies.nextmillmedia.com — Cisco Umbrella Rank: 3935
189 B
1 tynt.com
ic.tynt.com — Cisco Umbrella Rank: 6476
1 unibots.in
newsbot.unibots.in — Cisco Umbrella Rank: 54529
610 B
1 ingage.tech
ex.ingage.tech — Cisco Umbrella Rank: 9842
193 B
1 bqstreamer.com
bqstreamer.com — Cisco Umbrella Rank: 16784
441 B
1 undertone.com
hb.undertone.com — Cisco Umbrella Rank: 4101
557 B
1 adleadevent.com
adtrack.adleadevent.com — Cisco Umbrella Rank: 40814
918 B
1 mmctsvc.com
cdn.mmctsvc.com — Cisco Umbrella Rank: 27876
363 B
1 datadoghq-browser-agent.com
www.datadoghq-browser-agent.com — Cisco Umbrella Rank: 1837
17 KB
1 wazimo.com
content.wazimo.com — Cisco Umbrella Rank: 34623
1 KB
1 privacymanager.io
geo.privacymanager.io — Cisco Umbrella Rank: 2083
606 B
1 resonate.com
cdn.resonate.com — Cisco Umbrella Rank: 9827
96 B
1 rkdms.com
id.sv.rkdms.com — Cisco Umbrella Rank: 5880
165 B
1 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 326
17 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1118
399 B
1 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 718
13 KB
1 mmvideocdn.com
injections.mmvideocdn.com — Cisco Umbrella Rank: 247209
4 KB
1 tiktok.com
www.tiktok.com — Cisco Umbrella Rank: 3452
549 B
1 tinyurl.win
tinyurl.win
909 B
0 sddan.com Failed
kvt.sddan.com Failed
1235 192
Domain Requested by
57 ads.viralize.tv imasdk.googleapis.com
monetize-static.viralize.tv
www.casho.la
36 www.casho.la 2 redirects www.google.com
www.casho.la
33 simage2.pubmatic.com ads.pubmatic.com
www.casho.la
28 usersync.gumgum.com 2 redirects g2.gumgum.com
rtb.gumgum.com
ads.pubmatic.com
27 pagead2.googlesyndication.com cdn.unblockia.com
imasdk.googleapis.com
tinyurl.win
24 c.amazon-adsystem.com embed.sendtonews.com
c.amazon-adsystem.com
hb.vntsm.com
serv-selectmedia.com
player.aniview.com
tinyurl.win
cdn.ravenjs.com
22 eus.rubiconproject.com player.aniview.com
ads.themoneytizer.com
eus.rubiconproject.com
public.servenobid.com
ads.us.e-planning.net
sync.missena.io
g2.gumgum.com
embed.sendtonews.com
rtb.gumgum.com
player.hb.selectmedia.asia
d1oykxszdrgjgl.cloudfront.net
tinyurl.win
19 mwzeom.zeotap.com 1 redirects www.casho.la
spl.zeotap.com
ads.pubmatic.com
18 x.bidswitch.net 10 redirects ads.us.e-planning.net
spl.zeotap.com
ssum-sec.casalemedia.com
g2.gumgum.com
rtb.gumgum.com
18 imasdk.googleapis.com cdn.unibotscdn.com
imasdk.googleapis.com
player.globalsun.io
d1oykxszdrgjgl.cloudfront.net
18 ads.themoneytizer.com www.casho.la
ads.themoneytizer.com
hb.vntsm.com
17 cm.g.doubleclick.net 13 redirects g2.gumgum.com
www.casho.la
rtb.gumgum.com
16 aax.amazon-adsystem.com c.amazon-adsystem.com
d1oykxszdrgjgl.cloudfront.net
hb.vntsm.com
tinyurl.win
cdn.ravenjs.com
15 match.adsrvr.org p.cpx.to
js-sec.indexww.com
spl.zeotap.com
ssum-sec.casalemedia.com
ssbsync.smartadserver.com
g2.gumgum.com
www.casho.la
hb.vntsm.com
rtb.gumgum.com
csync.smilewanted.com
ads.pubmatic.com
player.hb.selectmedia.asia
15 ib.adnxs.com 4 redirects p.cpx.to
ads.themoneytizer.com
bid.underdog.media
embed.sendtonews.com
spl.zeotap.com
hb.vntsm.com
acdn.adnxs.com
player.hb.selectmedia.asia
14 d29xw9s9x32j3w.cloudfront.net www.casho.la
embed.sendtonews.com
hb.vntsm.com
14 cdn.unibotscdn.com www.casho.la
cdn.unibotscdn.com
13 stream.unibotscdn.com hb.vntsm.com
13 cdn.taboola.com tinyurl.win
cdn.taboola.com
www.casho.la
13 image2.pubmatic.com 2 redirects ads.pubmatic.com
www.casho.la
13 ads.servenobid.com ads.themoneytizer.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
ads.pubmatic.com
hb.vntsm.com
13 platform.twitter.com www.casho.la
platform.twitter.com
12 prebid-server.rubiconproject.com embed.sendtonews.com
hb.vntsm.com
cdn.ravenjs.com
12 ups.analytics.yahoo.com 1 redirects www.casho.la
public.servenobid.com
ssum.casalemedia.com
sync.missena.io
hb.vntsm.com
ads.pubmatic.com
12 onetag-sys.com ads.themoneytizer.com
public.servenobid.com
ads.us.e-planning.net
s.adtelligent.com
csync.smilewanted.com
player.hb.selectmedia.asia
hb.vntsm.com
11 image6.pubmatic.com 3 redirects spl.zeotap.com
ads.pubmatic.com
11 secure.adnxs.com 8 redirects cdn.ravenjs.com
11 track-selectmedia.com www.casho.la
hb.vntsm.com
11 gum.criteo.com 1 redirects ads.themoneytizer.com
cdn.taboola.com
hb.vntsm.com
static.criteo.net
player.hb.selectmedia.asia
10 match.prod.bidr.io 10 redirects
10 pixel.onaudience.com 10 redirects
10 uipglob.semasio.net 5 redirects
10 csi.gstatic.com imasdk.googleapis.com
10 ads.pubmatic.com player.aniview.com
ads.themoneytizer.com
public.servenobid.com
ads.us.e-planning.net
sync.missena.io
g2.gumgum.com
s.adtelligent.com
rtb.gumgum.com
www.casho.la
10 secure.cdn.fastclick.net tinyurl.win
secure.cdn.fastclick.net
10 hhkld.com amer.hhkld.com
hhkld.com
d1oykxszdrgjgl.cloudfront.net
10 fonts.gstatic.com fonts.googleapis.com
9 csync.smartadserver.com d1oykxszdrgjgl.cloudfront.net
csync.smartadserver.com
tinyurl.win
9 csync-eu.smartadserver.com d1oykxszdrgjgl.cloudfront.net
csync-eu.smartadserver.com
9 pr-bh.ybp.yahoo.com 3 redirects ssum.casalemedia.com
ads.pubmatic.com
9 sync.missena.io ads.themoneytizer.com
sync.missena.io
ads.pubmatic.com
9 ad.360yield.com 4 redirects ads.themoneytizer.com
cdn.ravenjs.com
hb.vntsm.com
9 bidder.criteo.com ads.themoneytizer.com
bid.underdog.media
hb.vntsm.com
static.criteo.net
9 player.globalsun.io www.casho.la
player.globalsun.io
8 c1.adform.net 3 redirects ads.pubmatic.com
8 dsum-sec.casalemedia.com 1 redirects ssum-sec.casalemedia.com
ssum.casalemedia.com
8 sync-tm.everesttech.net 4 redirects ads.pubmatic.com
8 ww1097.smartadserver.com ced.sascdn.com
hb.vntsm.com
8 s2l.sendtonews.com embed.sendtonews.com
8 player.aniview.com d2na2p72vtqyok.cloudfront.net
player.aniview.com
player.avplayer.com
8 spl.zeotap.com ads.themoneytizer.com
spl.zeotap.com
ads.us.e-planning.net
7 monetize-static.viralize.tv imasdk.googleapis.com
d1oykxszdrgjgl.cloudfront.net
tinyurl.win
7 simage4.pubmatic.com ads.pubmatic.com
7 sync.srv.stackadapt.com 7 redirects
7 trc.taboola.com spl.zeotap.com
cdn.taboola.com
www.casho.la
7 ad.turn.com 7 redirects
7 secure-assets.rubiconproject.com 7 redirects
7 cdn.globalsun.io hb.vntsm.com
7 ced-ns.sascdn.com www.casho.la
csync.smartadserver.com
csync-eu.smartadserver.com
7 www.oo-syringe.com vms-players.minutemediaservices.com
7 pubads.g.doubleclick.net embed.sendtonews.com
imasdk.googleapis.com
7 ssc.33across.com ads.themoneytizer.com
hb.vntsm.com
7 c.tmyzer.com ads.themoneytizer.com
hb.vntsm.com
7 udmserve.net www.casho.la
bid.underdog.media
7 resources.infolinks.com www.casho.la
tinyurl.win
resources.infolinks.com
6 loada.exelator.com 6 redirects
6 sync.outbrain.com 4 redirects g2.gumgum.com
rtb.gumgum.com
6 pixel.rubiconproject.com 3 redirects www.casho.la
eus.rubiconproject.com
6 dsp.adfarm1.adition.com 6 redirects
6 sync.1rx.io 6 redirects
6 csync.smilewanted.com 1 redirects ads.themoneytizer.com
csync.smilewanted.com
6 ssc-cms.33across.com ads.themoneytizer.com
6 www.googletagmanager.com www.google-analytics.com
vms-players.minutemediaservices.com
www.googletagmanager.com
cdn.unibotscdn.com
6 ssum-sec.casalemedia.com 2 redirects public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
rtb.gumgum.com
6 rt3029.infolinks.com resources.infolinks.com
6 fastlane.rubiconproject.com ads.themoneytizer.com
player.hb.selectmedia.asia
hb.vntsm.com
5 contextual.media.net d1oykxszdrgjgl.cloudfront.net
tinyurl.win
www.casho.la
contextual.media.net
5 ad.yieldlab.net d1oykxszdrgjgl.cloudfront.net
cdn.ravenjs.com
tinyurl.win
5 images.taboola.com www.casho.la
5 rtb-csync.smartadserver.com 2 redirects ssbsync.smartadserver.com
5 bh.contextweb.com 5 redirects
5 p.rfihub.com 5 redirects
5 u-ams03.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
ads.pubmatic.com
5 sync.adtelligent.com ads.themoneytizer.com
ads.us.e-planning.net
s.adtelligent.com
ads.pubmatic.com
5 acdn.adnxs.com ads.themoneytizer.com
player.aniview.com
bid.underdog.media
player.hb.selectmedia.asia
www.casho.la
5 q.clarity.ms hb.vntsm.com
www.clarity.ms
5 ap.lijit.com player.aniview.com
public.servenobid.com
hb.vntsm.com
csync.smilewanted.com
5 cmp.quantcast.com hb.vntsm.com
cmp.quantcast.com
5 pixel.quantserve.com www.casho.la
5 serv-selectmedia.com sm1.selectmedia.asia
serv-selectmedia.com
hb.vntsm.com
5 prebid.a-mo.net 1 redirects ads.themoneytizer.com
hb.vntsm.com
5 www.google-analytics.com player.globalsun.io
www.google-analytics.com
hb.vntsm.com
www.googletagmanager.com
5 embed.sendtonews.com 1 redirects tinyurl.win
embed.sendtonews.com
4 c2shb.ssp.yahoo.com hb.vntsm.com
4 ams3-ib.adnxs.com d1oykxszdrgjgl.cloudfront.net
cdn.adnxs.com
4 prg.smartadserver.com cdn.ravenjs.com
hb.vntsm.com
4 i.clean.gg hb.vntsm.com
acdn.adnxs-simple.com
4 pixel-eu.onaudience.com 4 redirects
4 match.adsby.bidtheatre.com 4 redirects
4 pubmatic-match.dotomi.com ads.pubmatic.com
4 csync.loopme.me 4 redirects
4 a.audrte.com 3 redirects
4 sync.crwdcntrl.net 3 redirects www.casho.la
4 token.rubiconproject.com 4 redirects
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
www.casho.la
4 aax-eu.amazon-adsystem.com 1 redirects spl.zeotap.com
www.casho.la
ads.pubmatic.com
4 sync.richaudience.com 2 redirects spl.zeotap.com
tinyurl.win
4 player.hb.selectmedia.asia tinyurl.win
player.hb.selectmedia.asia
4 region1.google-analytics.com www.googletagmanager.com
4 securepubads.g.doubleclick.net hb.vntsm.com
tinyurl.win
securepubads.g.doubleclick.net
4 bid.underdog.media udmserve.net
bid.underdog.media
www.casho.la
4 s.cpx.to p.cpx.to
www.casho.la
4 dt.adsafeprotected.com www.casho.la
4 pbjs.e-planning.net 1 redirects www.casho.la
player.hb.selectmedia.asia
hb.vntsm.com
4 rules.quantcount.com secure.quantserve.com
4 id5-sync.com ads.themoneytizer.com
ced.sascdn.com
www.casho.la
4 a.teads.tv ads.themoneytizer.com
hb.vntsm.com
4 fonts.googleapis.com www.casho.la
embed.sendtonews.com
vms-players.minutemediaservices.com
3 lg3.media.net www.casho.la
contextual.media.net
3 service.bidlab.ai cdn.ravenjs.com
3 ice.360yield.com cdn.ravenjs.com
3 adx.adform.net cdn.ravenjs.com
3 shb.richaudience.com cdn.ravenjs.com
3 polyfill.io d1oykxszdrgjgl.cloudfront.net
3 cdn.ravenjs.com d1oykxszdrgjgl.cloudfront.net
3 csync-global.smartadserver.com 3 redirects
3 um.simpli.fi 2 redirects www.casho.la
3 am-trc-events.taboola.com www.casho.la
cdn.taboola.com
3 ghb.hb.selectmedia.asia player.hb.selectmedia.asia
3 pixel-eu.rubiconproject.com eus.rubiconproject.com
3 creativecdn.com 3 redirects
3 tags.crwdcntrl.net s.e-planning.net
tags.crwdcntrl.net
tinyurl.win
3 cm.adgrx.com ssum.casalemedia.com
ads.pubmatic.com
3 b1sync.zemanta.com 3 redirects
3 us-u.openx.net 2 redirects rtb.gumgum.com
3 ads.stickyadstv.com 1 redirects ssum-sec.casalemedia.com
3 bcp.crwdcntrl.net 1 redirects tags.crwdcntrl.net
3 idsync.frontend.weborama.fr 2 redirects www.casho.la
3 pixel.tapad.com 2 redirects spl.zeotap.com
3 cdn.id5-sync.com tinyurl.win
3 cdn.hadronid.net tinyurl.win
3 ssbsync.smartadserver.com 1 redirects public.servenobid.com
rtb.gumgum.com
3 ad-delivery.net hb.vntsm.com
3 sync.go.sonobi.com www.casho.la
ads.us.e-planning.net
public.servenobid.com
3 image8.pubmatic.com 3 redirects
3 hb-api.omnitagjs.com ads.themoneytizer.com
hb.vntsm.com
3 mp.4dex.io ads.themoneytizer.com
hb.vntsm.com
3 prebid-us.creativecdn.com ads.themoneytizer.com
player.hb.selectmedia.asia
hb.vntsm.com
3 b1h.zemanta.com ads.themoneytizer.com
www.casho.la
hb.vntsm.com
3 syndication.twitter.com platform.twitter.com
www.casho.la
3 servt.vidcrunch.com www.casho.la
player.aniview.com
3 player.avplayer.com tg1.vidcrunch.com
www.casho.la
3 script.4dex.io ads.themoneytizer.com
script.4dex.io
d1oykxszdrgjgl.cloudfront.net
3 router.infolinks.com resources.infolinks.com
3 track1.aniview.com www.casho.la
player.aniview.com
3 sm1.selectmedia.asia www.casho.la
3 casho.la 3 redirects
3 lf16-tiktok-web.ttwstatic.com www.casho.la
www.tiktok.com
3 use.fontawesome.com www.casho.la
use.fontawesome.com
2 ads.playground.xyz 2 redirects
2 pixel-sync.sitescout.com ads.pubmatic.com
2 matching.truffle.bid ads.pubmatic.com
2 green.erne.co 2 redirects
2 ipac.ctnsnet.com ads.pubmatic.com
2 ad.mrtnsvr.com 2 redirects
2 core.iprom.net ads.pubmatic.com
2 s.tribalfusion.com ads.pubmatic.com
2 a.tribalfusion.com 2 redirects
2 cm-supply-web.gammaplatform.com 2 redirects
2 ads.avct.cloud 2 redirects
2 cds.taboola.com cdn.taboola.com
2 pips.taboola.com cdn.taboola.com
2 c.clarity.ms 1 redirects
2 btloader.com 1 redirects www.casho.la
2 d5p.de17a.com 2 redirects
2 proc.ad.cpe.dotomi.com hb.vntsm.com
secure.cdn.fastclick.net
2 us.ck-ie.com csync.smilewanted.com
2 ads.betweendigital.com 2 redirects
2 sb.scorecardresearch.com www.casho.la
2 id.hadron.ad.gt hb.vntsm.com
2 cms.quantserve.com 2 redirects
2 fundingchoicesmessages.google.com securepubads.g.doubleclick.net
2 cs.admanmedia.com g2.gumgum.com
rtb.gumgum.com
2 tg.socdm.com 2 redirects
2 sync.smartadserver.com 2 redirects
2 visitor.omnitagjs.com 2 redirects
2 event.insticator.com hb.vntsm.com
2 pm.w55c.net 2 redirects
2 match.deepintent.com g2.gumgum.com
rtb.gumgum.com
2 sync.technoratimedia.com 2 redirects
2 sync.ipredictive.com 2 redirects
2 beacon.krxd.net spl.zeotap.com
2 dpm.demdex.net 2 redirects
2 dmp.adform.net 1 redirects spl.zeotap.com
2 match.sharethrough.com public.servenobid.com
csync.smilewanted.com
2 ce.lijit.com 2 redirects
2 ssp.disqus.com 2 redirects
2 rtb.openx.net ads.us.e-planning.net
hb.vntsm.com
2 sync.admanmedia.com ads.us.e-planning.net
public.servenobid.com
2 cm.adform.net ads.themoneytizer.com
csync.smilewanted.com
2 powerad.ai player.aniview.com
2 video-ads.rubiconproject.com player.aniview.com
2 targeting.unrulymedia.com embed.sendtonews.com
2 static.criteo.net ads.themoneytizer.com
hb.vntsm.com
2 underdogmedia-d.openx.net bid.underdog.media
hb.vntsm.com
2 adservice.google.com imasdk.googleapis.com
2 u.openx.net www.casho.la
2 cdn.vidcrunch.com www.casho.la
2 ats.rlcdn.com hb.vntsm.com
secure.cdn.fastclick.net
2 www.clarity.ms tinyurl.win
www.clarity.ms
2 vms-players.minutemediaservices.com injections.mmvideocdn.com
vms-players.minutemediaservices.com
2 cdnjs.cloudflare.com embed.sendtonews.com
2 api-player.globalsun.io player.globalsun.io
hb.vntsm.com
2 hb.vntsm.io hb.vntsm.com
2 secure.quantserve.com ads.themoneytizer.com
cmp.quantcast.com
2 tag.leadplace.fr ads.themoneytizer.com
tag.leadplace.fr
2 static.adsafeprotected.com pixel.adsafeprotected.com
www.casho.la
2 amer.hhkld.com www.casho.la
amer.hhkld.com
2 d2na2p72vtqyok.cloudfront.net www.casho.la
player.aniview.com
2 embedcdn.sendtonews.com www.casho.la
2 pixel.adsafeprotected.com www.casho.la
2 stats.systems www.casho.la
2 connect.facebook.net www.casho.la
connect.facebook.net
2 ajax.googleapis.com www.casho.la
d2zur9cc2gf1tx.cloudfront.net
2 hb.vntsm.com www.casho.la
hb.vntsm.com
2 d280h7aj1u7b0w.cloudfront.net 1 redirects www.casho.la
1 venatusmedia-d.openx.net hb.vntsm.com
1 hblg.media.net www.casho.la
1 cdn.adnxs.com d1oykxszdrgjgl.cloudfront.net
1 warp.media.net d1oykxszdrgjgl.cloudfront.net
1 qsearch-a.akamaihd.net d1oykxszdrgjgl.cloudfront.net
1 acdn.adnxs-simple.com d1oykxszdrgjgl.cloudfront.net
1 ghb1.adtelligent.com hb.vntsm.com
1 feed.pghub.io d1oykxszdrgjgl.cloudfront.net
1 pghub.io d1oykxszdrgjgl.cloudfront.net
1 www8.smartadserver.com d1oykxszdrgjgl.cloudfront.net
1 track.venatusmedia.com hb.vntsm.com
1 d1oykxszdrgjgl.cloudfront.net hb.vntsm.com
1 id.crwdcntrl.net player.hb.selectmedia.asia
1 ws.rqtrk.eu 1 redirects
1 sonata-notifications.taptapnetworks.com 1 redirects
1 t.adx.opera.com ads.pubmatic.com
1 edge.udmserve.net hb.vntsm.com
1 mug.criteo.com
1 ad.doubleclick.net
1 api.btloader.com btloader.com
1 c.bing.com 1 redirects
1 pbs.twimg.com www.casho.la
1 cr.frontend.weborama.fr 1 redirects
1 dis.criteo.com ads.pubmatic.com
1 audit-tcfv2.cmp.quantcast.com hb.vntsm.com
1 cdn.syndication.twimg.com platform.twitter.com
1 a.ad.gt cdn.hadronid.net
1 insticator-d.openx.net player.aniview.com
1 test.cmp.quantcast.com hb.vntsm.com
1 pixel-us-east.rubiconproject.com public.servenobid.com
1 player.adtelligent.com player.hb.selectmedia.asia
1 sync.e-planning.net rtb.gumgum.com
1 unibots.b-cdn.net cdn.unibotscdn.com
1 px.ads.linkedin.com www.casho.la
1 eb2.3lift.com ads.us.e-planning.net
1 rtb.gumgum.com ads.us.e-planning.net
1 i.vimeocdn.com www.casho.la
1 sync.adotmob.com 1 redirects
1 apex.go.sonobi.com hb.vntsm.com
1 ums.acuityplatform.com 1 redirects
1 stags.bluekai.com 1 redirects
1 u.ipw.metadsp.co.uk 1 redirects
1 ad4m.at ssum-sec.casalemedia.com
1 euexchangesync.digitaleast.mobi 1 redirects
1 stats.g.doubleclick.net hb.vntsm.com
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 odr.mookie1.com spl.zeotap.com
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 sync.tidaltv.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 static.smilewanted.com csync.smilewanted.com
1 drm.mmvideosvc.com vms-players.minutemediaservices.com
1 bucket1.mm-syringe.com www.oo-syringe.com
1 i.e-planning.net ads.us.e-planning.net
1 ssum.casalemedia.com ads.us.e-planning.net
1 hbx.media.net 1 redirects
1 sync.targeting.unrulymedia.com 1 redirects
1 cs-server-s2s.yellowblue.io public.servenobid.com
1 sync.adkernel.com public.servenobid.com
1 cs-rtb.minutemedia-prebid.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 cookies.nextmillmedia.com 1 redirects
1 s.e-planning.net ads.us.e-planning.net
1 pixel.sitescout.com ads.us.e-planning.net
1 s.adtelligent.com ads.themoneytizer.com
1 public.servenobid.com ads.themoneytizer.com
1 ic.tynt.com ads.themoneytizer.com
1 ads.us.e-planning.net ads.themoneytizer.com
1 newsbot.unibots.in cdn.unibotscdn.com
1 s2s.aniview.com player.aniview.com
1 ex.ingage.tech player.aniview.com
1 factor-service.prod.voltaxservices.io vms-players.minutemediaservices.com
1 bqstreamer.com vms-players.minutemediaservices.com
1 hb.undertone.com embed.sendtonews.com
1 tlx.3lift.com embed.sendtonews.com
1 htlb.casalemedia.com embed.sendtonews.com
1 hbopenbid.pubmatic.com embed.sendtonews.com
1 adtrack.adleadevent.com ajax.googleapis.com
1 serv.vidcrunch.com player.aniview.com
1 go1.aniview.com player.aniview.com
1 content1.avplayer.com www.casho.la
1 cdn.mmctsvc.com vms-players.minutemediaservices.com
1 content.voltaxservices.io vms-players.minutemediaservices.com
1 www.datadoghq-browser-agent.com vms-players.minutemediaservices.com
1 content.wazimo.com vms-players.minutemediaservices.com
1 geo.privacymanager.io ats.rlcdn.com
1 t.unblockia.com cdn.unblockia.com
1 cdn.resonate.com embed.sendtonews.com
1 player.sendtonews.com embed.sendtonews.com
1 api.rlcdn.com js-sec.indexww.com
1 id.sv.rkdms.com js-sec.indexww.com
1 pixel-us-west.rubiconproject.com www.casho.la
1 image4.pubmatic.com 1 redirects
1 s0.2mdn.net imasdk.googleapis.com
1 bid.missena.io ads.themoneytizer.com
1 ghb.adtelligent.com ads.themoneytizer.com
1 at.teads.tv a.teads.tv
1 loader.unblockia.com cdn.unblockia.com
1 lb.eu-1-id5-sync.com ads.themoneytizer.com
1 feed.avplayer.com tg1.vidcrunch.com
1 js-sec.indexww.com embed.sendtonews.com
1 d2zur9cc2gf1tx.cloudfront.net ads.themoneytizer.com
1 p.cpx.to ads.themoneytizer.com
1 ced.sascdn.com ads.themoneytizer.com
1 injections.mmvideocdn.com www.casho.la
1 tg1.vidcrunch.com www.casho.la
1 www.tiktok.com 1 redirects
1 www.instagram.com www.casho.la
1 platform.instagram.com 1 redirects
1 cdn.unblockia.com www.casho.la
1 www.google.com tinyurl.win
1 tinyurl.win
0 ib.adnxs-simple.com Failed hb.vntsm.com
0 lexicon.33across.com Failed hb.vntsm.com
0 as-sec.casalemedia.com Failed js-sec.indexww.com
0 prebid.smilewanted.com Failed ads.themoneytizer.com
hb.vntsm.com
0 kvt.sddan.com Failed ads.themoneytizer.com
hb.vntsm.com
1235 349

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
web.whatsapp.com
unibots.in
globalsun.io
www.vidcrunch.com
Subject Issuer Validity Valid
tinyurl.win
GTS CA 1P5		 2023-06-21 -
2023-09-19		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
casho.la
GTS CA 1P5		 2023-06-23 -
2023-09-21		 3 months crt.sh
cdn.unibotscdn.com
R3		 2023-07-18 -
2023-10-16		 3 months crt.sh
*.unblockia.com
Amazon RSA 2048 M01		 2023-02-21 -
2024-03-22		 a year crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.vntsm.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-10 -
2024-04-08		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
use.fontawesome.com
GTS CA 1P5		 2023-07-04 -
2023-10-02		 3 months crt.sh
*.twimg.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-28 -
2024-07-26		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-05-17 -
2023-08-15		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-03-26 -
2024-03-25		 a year crt.sh
fw.adsafeprotected.com
Amazon RSA 2048 M02		 2023-03-29 -
2024-04-27		 a year crt.sh
udmserve.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-29 -
2024-04-28		 a year crt.sh
1266287590.rsc.cdn77.org
R3		 2023-07-19 -
2023-10-17		 3 months crt.sh
hhkld.com
R3		 2023-06-23 -
2023-09-21		 3 months crt.sh
serv-selectmedia.com
GTS CA 1D4		 2023-06-28 -
2023-09-26		 3 months crt.sh
wl.aniview.com
R3		 2023-06-29 -
2023-09-27		 3 months crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
bucket1.mm-syringe.com
Amazon RSA 2048 M02		 2023-04-26 -
2024-05-24		 a year crt.sh
sendtonews.com
Amazon RSA 2048 M02		 2022-11-21 -
2023-12-20		 a year crt.sh
c.tmyzer.com
R3		 2023-07-24 -
2023-10-22		 3 months crt.sh
*.sascdn.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-07-14 -
2024-07-17		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-07-19 -
2023-10-18		 3 months crt.sh
*.leadplace.fr
Gandi Standard SSL CA 2		 2022-09-13 -
2023-09-13		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-28 -
2024-01-28		 a year crt.sh
teads.tv
R3		 2023-06-26 -
2023-09-24		 3 months crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-09 -
2023-09-09		 a year crt.sh
p.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-13		 a year crt.sh
*.aniview.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-11-09		 a year crt.sh
*.id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
script.4dex.io
Cloudflare Inc ECC CA-3		 2022-11-23 -
2023-11-22		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
api-player.globalsun.io
ZeroSSL RSA Domain Secure Site CA		 2023-05-30 -
2024-05-29		 a year crt.sh
c.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-02-28 -
2024-02-17		 a year crt.sh
*.sendtonews.com
Amazon RSA 2048 M01		 2023-04-18 -
2024-05-16		 a year crt.sh
*.avplayer.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2022-08-08 -
2023-09-08		 a year crt.sh
*.vidcrunch.com
Amazon RSA 2048 M01		 2023-02-11 -
2024-03-11		 a year crt.sh
players.mmvideocdn.com
Amazon RSA 2048 M02		 2023-04-26 -
2024-05-24		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2023-07-04 -
2023-10-02		 3 months crt.sh
syndication.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-02-05 -
2024-02-05		 a year crt.sh
www.clarity.ms
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-01 -
2023-12-01		 a year crt.sh
quantserve.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2023-02-13 -
2024-03-15		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
*.a-mo.net
R3		 2023-08-07 -
2023-11-05		 3 months crt.sh
*.zemanta.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-08-16 -
2023-09-06		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.creativecdn.com
RapidSSL TLS RSA CA G1		 2023-03-29 -
2024-04-28		 a year crt.sh
ads.servenobid.com
Amazon RSA 2048 M01		 2023-04-29 -
2024-05-27		 a year crt.sh
ghb.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.missena.io
Amazon RSA 2048 M02		 2023-03-01 -
2024-03-30		 a year crt.sh
omnitagjs.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-23 -
2024-07-22		 a year crt.sh
*.360yield.com
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
ssc.33across.com
GTS CA 1D4		 2023-07-03 -
2023-10-01		 3 months crt.sh
dt.adsafeprotected.com
Amazon RSA 2048 M01		 2023-05-09 -
2024-06-06		 a year crt.sh
track-selectmedia.com
GTS CA 1D4		 2023-06-28 -
2023-09-26		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
*.ttwstatic.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2022-11-11 -
2023-12-12		 a year crt.sh
s.cpx.to
Sectigo RSA Domain Validation Secure Server CA		 2023-01-12 -
2024-01-17		 a year crt.sh
underdog.media
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-29 -
2024-04-28		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-08-03 -
2024-01-24		 6 months crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2022-12-06 -
2024-01-07		 a year crt.sh
securedvisit.com
Amazon RSA 2048 M01		 2023-03-01 -
2023-11-26		 9 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.privacymanager.io
Amazon RSA 2048 M01		 2023-07-27 -
2024-08-24		 a year crt.sh
*.datadoghq-browser-agent.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-14 -
2024-01-16		 a year crt.sh
orchestration-service.prod.voltaxservices.io
Amazon RSA 2048 M02		 2023-03-31 -
2024-04-28		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2022-07-21 -
2023-08-21		 a year crt.sh
*.google.com
GTS CA 1C3		 2023-07-10 -
2023-10-02		 3 months crt.sh
cdn.mmctsvc.com
Amazon RSA 2048 M02		 2023-05-05 -
2024-06-02		 a year crt.sh
secure.cdn.fastclick.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-02 -
2023-12-02		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
*.adleadevent.com
Amazon RSA 2048 M01		 2023-06-27 -
2024-07-25		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-08-05 -
2023-10-31		 3 months crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2023-04-20 -
2024-05-20		 a year crt.sh
casalemedia.com
Cloudflare Inc ECC CA-3		 2023-05-21 -
2024-05-20		 a year crt.sh
*.targeting.unrulymedia.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-10 -
2024-05-10		 a year crt.sh
*.3lift.com
Amazon RSA 2048 M02		 2023-04-13 -
2024-05-11		 a year crt.sh
*.undertone.com
Amazon RSA 2048 M02		 2023-08-03 -
2024-08-30		 a year crt.sh
aax-dtb-mobile-cf.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-03-16 -
2024-03-08		 a year crt.sh
cmp.quantcast.com
R3		 2023-06-13 -
2023-09-11		 3 months crt.sh
factor-service.prod.voltaxservices.io
Amazon RSA 2048 M02		 2023-03-30 -
2024-04-27		 a year crt.sh
1660445907.rsc.cdn77.org
R3		 2023-06-20 -
2023-09-18		 3 months crt.sh
*.ingage.tech
Sectigo RSA Organization Validation Secure Server CA		 2023-07-28 -
2024-08-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2023-05-06 -
2024-05-04		 a year crt.sh
player.hb.selectmedia.asia
R3		 2023-06-24 -
2023-09-22		 3 months crt.sh
cricket.unibots.in
R3		 2023-06-22 -
2023-09-20		 3 months crt.sh
powerad.ai
Amazon RSA 2048 M01		 2023-05-29 -
2024-06-26		 a year crt.sh
a.clarity.ms
Microsoft Azure TLS Issuing CA 06		 2023-02-13 -
2024-02-08		 a year crt.sh
*.33across.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-06 -
2023-09-30		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2022-10-21 -
2023-10-22		 a year crt.sh
ads.us.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.tynt.com
Sectigo RSA Domain Validation Secure Server CA		 2022-09-07 -
2023-09-30		 a year crt.sh
*.servenobid.com
Amazon RSA 2048 M02		 2023-02-21 -
2024-02-05		 a year crt.sh
s.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-26 -
2023-10-24		 3 months crt.sh
*.adform.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-25 -
2024-06-18		 a year crt.sh
sync.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-07-23 -
2023-10-21		 3 months crt.sh
*.sitescout.com
GeoTrust Global TLS RSA4096 SHA256 2022 CA1		 2023-01-09 -
2024-02-02		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2023-04-20 -
2024-05-21		 a year crt.sh
*.e-planning.net
R3		 2023-07-14 -
2023-10-12		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2023-03-23 -
2024-03-23		 a year crt.sh
gumgum.com
Amazon RSA 2048 M02		 2023-08-07 -
2024-09-05		 a year crt.sh
*.minutemedia-prebid.com
Amazon RSA 2048 M01		 2023-05-01 -
2024-05-29		 a year crt.sh
*.adkernel.com
AlphaSSL CA - SHA256 - G4		 2023-01-03 -
2024-02-04		 a year crt.sh
*.yellowblue.io
Amazon ECDSA 256 M02		 2023-04-18 -
2024-05-16		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-06-14 -
2024-07-12		 a year crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2023-01-09 -
2024-02-09		 a year crt.sh
drm.mmvideosvc.com
Amazon RSA 2048 M02		 2023-04-17 -
2024-05-15		 a year crt.sh
hadronid.net
GTS CA 1P5		 2023-06-09 -
2023-09-07		 3 months crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-09 -
2023-12-10		 a year crt.sh
*.tidaltv.com
Sectigo RSA Domain Validation Secure Server CA		 2023-06-08 -
2024-07-08		 a year crt.sh
*.exelator.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-05-29 -
2024-06-11		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-09-14 -
2023-10-15		 a year crt.sh
dmp.theadex.com
R3		 2023-06-23 -
2023-09-21		 3 months crt.sh
*.mookie1.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-03-29		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-14 -
2024-04-12		 a year crt.sh
*.richaudience.com
RapidSSL Global TLS RSA4096 SHA256 2022 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-07 -
2024-02-08		 a year crt.sh
*.ads.stickyadstv.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-04-16 -
2024-04-16		 a year crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-11-30 -
2024-01-01		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-04-04 -
2023-09-27		 6 months crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2023-03-03 -
2024-03-31		 a year crt.sh
*.insticator.com
Sectigo RSA Organization Validation Secure Server CA		 2022-07-27 -
2023-08-26		 a year crt.sh
*.crwdcntrl.net
Amazon RSA 2048 M01		 2022-11-07 -
2023-12-06		 a year crt.sh
*.vimeocdn.com
GlobalSign Atlas R3 DV TLS CA 2023 Q1		 2023-02-18 -
2024-03-21		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon RSA 2048 M02		 2023-02-08 -
2024-02-15		 a year crt.sh
aax-eu.amazon-adsystem.com
Amazon RSA 2048 M01		 2023-06-21 -
2024-03-02		 8 months crt.sh
*.b-cdn.net
Sectigo RSA Domain Validation Secure Server CA		 2022-11-07 -
2023-11-11		 a year crt.sh
player.adtelligent.com
R3		 2023-07-19 -
2023-10-17		 3 months crt.sh
stream.unibotscdn.com
R3		 2023-08-06 -
2023-11-04		 3 months crt.sh
ghb.hb.selectmedia.asia
ZeroSSL ECC Domain Secure Site CA		 2023-07-31 -
2023-10-29		 3 months crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
ck-ie.com
Go Daddy Secure Certificate Authority - G2		 2022-11-12 -
2023-12-14		 a year crt.sh
ad.cpe.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2023-06-09 -
2024-07-10		 a year crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-07 -
2023-12-08		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-06-13 -
2023-09-11		 3 months crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-11-07 -
2023-12-09		 a year crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2022-08-09 -
2023-09-10		 a year crt.sh
*.iprom.net
R3		 2023-05-23 -
2023-08-21		 3 months crt.sh
*.ctnsnet.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-01-04 -
2023-11-06		 10 months crt.sh
truffle.bid
R3		 2023-05-24 -
2023-08-22		 3 months crt.sh
*.viralize.tv
Sectigo RSA Domain Validation Secure Server CA		 2022-12-07 -
2023-12-11		 a year crt.sh
monetize-static.viralize.tv
R3		 2023-05-30 -
2023-08-28		 3 months crt.sh
i.clean.gg
GTS CA 1D4		 2023-07-21 -
2023-10-19		 3 months crt.sh
*.venatusmedia.com
Amazon RSA 2048 M02		 2023-01-24 -
2024-02-22		 a year crt.sh
*.pghub.io
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-08		 a year crt.sh
*.yieldlab.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-11-16 -
2023-11-15		 a year crt.sh
cdn.ravenjs.com
GlobalSign Atlas R3 DV TLS CA 2023 Q2		 2023-06-03 -
2024-07-04		 a year crt.sh
polyfill.io
GlobalSign Atlas R3 DV TLS CA 2022 Q4		 2022-12-10 -
2024-01-11		 a year crt.sh
*.bidlab.ai
R3		 2023-05-31 -
2023-08-29		 3 months crt.sh
ghb1.adtelligent.com
ZeroSSL ECC Domain Secure Site CA		 2023-08-03 -
2023-11-01		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
a248.e.akamai.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-05-16 -
2024-05-15		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-05-23 -
2023-11-15		 6 months crt.sh

This page contains 222 frames:

Primary Page: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Frame ID: FE4D9AC67991B343F7E7560617D92FF9
Requests: 496 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691431907562
Frame ID: D6840F5BA15C3D89C4913335503DD3C5
Requests: 1 HTTP requests in this frame

Frame: https://router.infolinks.com/usync/manage?pid=3236112&wsid=19&pdom=www.casho.la&purl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Frame ID: B827A3D07B6BF27EB5861BF91354ED56
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.casho.la
Frame ID: 01EE3B79796D8AA80375EA4FD3E59DD2
Requests: 2 HTTP requests in this frame

Frame: https://www.casho.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Frame ID: C1FDFE253FA737E3AA22897015E894F9
Requests: 2 HTTP requests in this frame

Frame: https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Frame ID: A57DA98ABF4FE326E819EDC58D2A2C5B
Requests: 18 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 9AB1AFF75CFED1CC472A18617F5CFCB3
Requests: 1 HTTP requests in this frame

Frame: https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&id=MTIZ
Frame ID: CB198AEBBDAF4124EB8D2762D1A81BDC
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 3597FDEAE65A1DE5A654F0602DC2E301
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B33FF0D368854DAF4FC6D72346091117
Requests: 1 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Frame ID: F2E6FD95FDB87C2D22E4F47C9539222B
Requests: 9 HTTP requests in this frame

Frame: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62d0073a5831594d4e154ea4
Frame ID: A34E2F33810C6B62B37A0FC7D08B86C5
Requests: 3 HTTP requests in this frame

Frame: https://vms-players.minutemediaservices.com/mplayer-bridge.html
Frame ID: AC3469A345E6756358E175CD65F753A9
Requests: 1 HTTP requests in this frame

Frame: https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Frame ID: 64C81755B1ECC9CA65A8A447BB69EFE1
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: C7A78944C9D670565F7AFA7CBE4309AB
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 1B3FD8101E53C42C3A1487B189D83AD6
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 31F225D3CDDCF65F2E6D005A37684E14
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/shared/tbframe.js
Frame ID: 338270BA75C3AD2F47FF36D3655837E0
Requests: 1 HTTP requests in this frame

Frame: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Frame ID: B1F79592F46785980416605CF4341BAC
Requests: 13 HTTP requests in this frame

Frame: https://udmserve.net/udm/img.fetch?sid=17661;tid=1;dt=7;p=1;rri=1691431908178_951983_80.255.7.104;mid=43264;zzz=1;version=v2.21.3;cb=0.4794156662066029;session=1;style=slider;vis=visible;traffic_info=%7B%7D;gdprApplies=true;consentGiven=false;consentData=cmpMissing
Frame ID: A686A04698F32F088D3043F990E21BC2
Requests: 1 HTTP requests in this frame

Frame: https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Frame ID: 0F51950FF88C9B71C509FBF5A0E29D57
Requests: 1 HTTP requests in this frame

Frame: https://ads.themoneytizer.com/passback/moneytizer/728x90.png
Frame ID: 105325B353F734876096C6315308BA2F
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: A0A969EC6EBC8A4540D20B60CA1A2065
Requests: 19 HTTP requests in this frame

Frame: https://ex.ingage.tech/v1/syncPage/aniview?to=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1691431911851-973536490909-001235-006-009438%26biddername%3D155%26pid%3D5d8ccec528a0617cae5a0755%26key%3DINSTUID
Frame ID: 987DCB91FD3BBF167DFA9EC8A99FD9E8
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Frame ID: 5E4AD7C1055F89A12F386CA1B682EF73
Requests: 10 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1691431911851-973536490909-001235-006-009438%26biddername%3D18%26key%3D%24UID
Frame ID: B83125CCA0208D184B6BC2AB3F3D7EFE
Requests: 1 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: A129D364B08907CF99D9533D6A194A91
Requests: 7 HTTP requests in this frame

Frame: https://player.hb.selectmedia.asia/prebidlink/469842/hb_310028_13810.js
Frame ID: C3B2DFD3EA0054FC449D939439D183EA
Requests: 20 HTTP requests in this frame

Frame: https://c.amazon-adsystem.com/aax2/apstag.js
Frame ID: 8D1CCA8DC4269C171F523894F988901E
Requests: 6 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 6426EFF81F9B96C9E6EE88404B4F0858
Requests: 12 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: B7015AC3764F2CFB63862CEF0A2F433F
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 41EA5227ECA8A9FC840335DC8E84D25F
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CE60880D6E3160206B0CDED4CDA3993A
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bpjP6uza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 366514F656D67E12D3C605D8DB736B88
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d5jv24zaar7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 87F8585BB2251AB3120F6D7378894B07
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6E88BD141C0D5A30E259B7FA228C8DB6
Requests: 2 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Frame ID: F47C74C4E8E7E6408B5EB6210C0FA43C
Requests: 13 HTTP requests in this frame

Frame: https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Frame ID: B28F8AE579A5734A6E4096098244AD85
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 8315C5F93845B6F95ED63A680F347346
Requests: 14 HTTP requests in this frame

Frame: https://s.adtelligent.com/sync.html?aid=651796
Frame ID: 0533C0A99D59A1DCCBDADCC9363987D6
Requests: 2 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bHj7xyza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: A8AE7DF39D39CE1A74E9C6269E35C1FF
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/
Frame ID: EE8A40DBC139467CF39312BB44BA9555
Requests: 2 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 6AE0845285BE8E38DB8AC867F23316D7
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 58C4A24C57F00ADA0C79B77732740F54
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Frame ID: DA1DD22568D8C69052223B8FFEEE0C5C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aiQovMzaer7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 08EEAAAFE6FE1EB9613A82C7778B3C1C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
Frame ID: 1429713BCFD4657549CB1B75C978412C
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=btze1Sza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: 6094091697200E39639B5E0C9CE586E1
Requests: 1 HTTP requests in this frame

Frame: https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Frame ID: BFBFEAD77B42E6819A810087A2F4B034
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/iframe
Frame ID: 83B40968D3B5C759C74A5A8DD629712F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Frame ID: E9C7350480614A094AE2F79EC3288011
Requests: 11 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5730477144318325021
Frame ID: 881D5DA717DE7F1CD29210BF3D00097D
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1691431909232
Frame ID: 560BE7ED6086AD8A723200518D5C08E5
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=byadUMza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Frame ID: AF9745DEFC1F045540A09D8EEB569921
Requests: 1 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 494C7714E7B109126C2EAEF0F7660E62
Requests: 14 HTTP requests in this frame

Frame: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Frame ID: 5E3B50C81B3108C17D836C45239589FA
Requests: 17 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 85138E8BE2D26A93FE43EA1DA9111EF8
Requests: 15 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 07F545EED8F5D9319A5659844BD9FFA4
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 1F949317EFFE7B7DF206F4EDBE073E1D
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Frame ID: C161F657E8DBA6A5ED2ED38DD9BD1924
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Frame ID: 630C3A7F94542B163173EC9A886A910D
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Frame ID: 0A6671484331857E1F011ECFDCF54B6F
Requests: 12 HTTP requests in this frame

Frame: https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Frame ID: C2023CF9482963EE32EC2E036CC97078
Requests: 1 HTTP requests in this frame

Frame: https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Frame ID: 7290D1C51F06853537CB1EA5F88C94C2
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Frame ID: 4474255758F999330825FA9CFFA80E62
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 7C8FC1472B981F99A598C0D05F18FCD5
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Frame ID: 04E88255445329F74916543DDC9533CB
Requests: 14 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Frame ID: B4798E51D08A5FAE0D23459C03CC72A2
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: E4952C0CDE27835EFC40A6CE36F7F493
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: AA425EF5EF670B43A30939A0C39289BF
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Frame ID: A8D8DECD0D0892F06ED4029987DB3C3E
Requests: 31 HTTP requests in this frame

Frame: https://sync.missena.io/missena?gdpr=0
Frame ID: 58B5D51B9071B00288496535971D90DD
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/improvedigital/36b73796-ef19-4f27-a528-af0524e6a54d
Frame ID: 002189D142B232CA1EB5087482BB67F1
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0
Frame ID: 1087F90115C810187FA3F02B97FC7C7A
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Frame ID: 12045ECB631481BD37404C63559582DB
Requests: 10 HTTP requests in this frame

Frame: https://sync.missena.io/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
Frame ID: A47286B14B28B08EAEDCB6E5EB258B9A
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/smart/7640565164426888160
Frame ID: 5FD4740AD368496EC9593278F3F9FC78
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/smilewanted/b1f810163d32d0b701c8bfa0f426ccd7
Frame ID: EDFC9A048CB406C095C9A4B9A357A27D
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/xandr/5730477144318325021?fu&gdpr=0
Frame ID: C35BBC485EF910F424E2597EF9AD06FC
Requests: 1 HTTP requests in this frame

Frame: https://ups.analytics.yahoo.com/ups/58673/occ?gdpr=0
Frame ID: 850645E8A53AC54CB3239FA9A0FD6739
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/adyoulike/1a503959ebcbd5f5cc7a854e6acf47b4
Frame ID: 5EAE1D1CE0022EF985A56B8F4653647F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=0&gdpr_consent=&_test=ZNEz6gAAAyP6cAA4
Frame ID: 1A24C9C172CC0B87F98C6DCCA7650C8A
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OGMwNjE5MC1iOTMyLTQxNmQtYjQyYS03MDk3NTQ2ZjgzOTM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 4E761327FE1C9754BEF1D552F66BAE61
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: 74DA7BC6C9CA17B55AD1F18266F11966
Requests: 12 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 0BAB24B5DB3DE77262CDDAD20FDF0197
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZNEz68Co8X8AAGhRQwcAAAAA
Frame ID: 7B6E04FDAAF3A4BA3B904734C6931546
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_58c06190-b932-416d-b42a-7097546f8393&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Frame ID: 293BA229D23DB8CB12A0975881DD6D5A
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 4A8CFC9D9809E304B08675E8E7A4A14F
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum&tc=1
Frame ID: D59C984196BCC1F26019D4CA41CA2725
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Frame ID: 55B880F971A615481B5894F74A282E79
Requests: 15 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Frame ID: D595F77ECA90BDBB68DFE342E5DDB675
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJmriUcKZ9TghKpd
Frame ID: B174217BC9D749DC1CDFB11126204219
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 4A395FFE331818C306A900857CDC75C1
Requests: 3 HTTP requests in this frame

Frame: https://powerad.ai/vast/vpaid.js
Frame ID: 70EB889357789F7102322FE216746BD3
Requests: 1 HTTP requests in this frame

Frame: https://video-ads.rubiconproject.com/video/bridge-31050.js
Frame ID: 875265D1C965CAE94FAE0183A9DB8A36
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/drop_cookie_sw.php
Frame ID: C361B5C96AAB6BDD7DC1E22CC4C4D1C5
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Frame ID: DA7D31DDC69EFACCFA5C70360229B446
Requests: 14 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Frame ID: E7FA533CE4827BB58843608E2C6886BB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 722DFF00EBAA5E6547AA4B5B596DFB92
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FF8D6959049D2B053E55D6C7AE88C096
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=&gdpr_consent=
Frame ID: 02B276F062E8CA145C72EB12B53A5507
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OGMwNjE5MC1iOTMyLTQxNmQtYjQyYS03MDk3NTQ2ZjgzOTM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Frame ID: 58CD70522736108A3C2BD4E24FB4AA8D
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Frame ID: 310BAE2B8E2D029D5F817EB937BFDCC3
Requests: 3 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Frame ID: ACEA7903266917DAF79EE06C0B44667B
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=sus&i=ZNEz7MCo8X8AAGhRQyYAAAAA
Frame ID: D0E3C78BCC842A8B9B300B4C5BBAA6E0
Requests: 1 HTTP requests in this frame

Frame: https://cs.admanmedia.com/sync/gumgum?puid=e_58c06190-b932-416d-b42a-7097546f8393&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Frame ID: 46DDF6BB20BA80C3217BD269C6E800BF
Requests: 1 HTTP requests in this frame

Frame: https://insticator-d.openx.net/w/1.0/pd
Frame ID: 1DD4D77E70D4991F491645C3235AE3FC
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 0A826941D7BBF618BB13ECF38AE2120F
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: 18090792C452DB1CE0F311E9F44598EA
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Frame ID: 474CD77019620485E0B19DFE798BD783
Requests: 1 HTTP requests in this frame

Frame: https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Frame ID: 80CA29EFB9F3227C57FD75733107EAD9
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
Frame ID: 0ECC1CA7F85F448EDA9E6E03382A2783
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4561609198
Frame ID: 217B9032CDE013C1233D29DFB3D53BE5
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/betweenx/35b820c5-b7e0-52db-a8c3-b287cc12816b
Frame ID: A54190FAE5ED90730F8936E6DB495F53
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Frame ID: 1E6B2F59B1BC5D3977EE1867163B40EC
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Frame ID: 4DF97AB4453FA9C7334789885A263901
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum
Frame ID: AC88C23413A22E8583B26ACB4BE38F97
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: E76614B0FA74FE37C18B588B03CBBB6D
Requests: 2 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Frame ID: 43C0DD55844F7AB92BE94056D902C863
Requests: 1 HTTP requests in this frame

Frame: https://csync.smilewanted.com/set_partner_userid_get/freewheel/1d41fe77cabbafcda93deed5caa6d1a7?gdpr_consent=&gdpr=0
Frame ID: 8D5CB6E02AD561FAD5CC62662C46155B
Requests: 1 HTTP requests in this frame

Frame: https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Frame ID: 6202B7530FA3ADC7916AE085689E0FE1
Requests: 1 HTTP requests in this frame

Frame: https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Frame ID: FCCAB2CC56C410E67C62CB985A1F1AAD
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 3C3719CDBEB18E47B6CEED37FA6BB2D2
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: CA194034CAB8F434DB756187EA2CAF57
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5959916048236780741
Frame ID: D142CB1A1084C38D2F742BCCCEE420D2
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 4B266FC24FA41B984B5A97BFC78E7BFF
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829258782300
Frame ID: BB1385C57E5A3ACED48FF078A3DC9682
Requests: 1 HTTP requests in this frame

Frame: https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&redir=true&gdpr=0&gdpr_consent=
Frame ID: 6D03EE39B3C3295EEFBD9F71A7FAF7CE
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY
Frame ID: CF974D628478D747627466F5438D1BD0
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730477144318325021&gdpr=0&gdpr_consent=
Frame ID: A17A3FEE396A364EB5710A3F4F91D0A1
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Frame ID: 2D66EC84D57AD28F384A37EA06D85434
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.casho.la
Frame ID: 64201A2CA69664E856720E44EBA600CE
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 21C97BEE079CAFE44E01EAB3D9476176
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: BFE9EE6FFD8E7CCF82F21A0EAA3878B6
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: E3097CFFE38D68ECDC92C1C8BB6165DC
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 8A7DFC18B23774A747D12E1C66DA898A
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 3FC9CD79FC81F4B833E2481538591206
Requests: 4 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: A7829E84145E9D4F9F4CE02187CA8460
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Frame ID: 879B70625A9FCA82895EC5B643551C5F
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Frame ID: 90B4E748171F38F4456BAE2FB253808D
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Frame ID: 1D43D16214422129CA6BEBC9C68D457B
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 0E49C430DFEC8A982622E71751A3B00E
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 100A194263898071179B9A67E6759D1D
Requests: 1 HTTP requests in this frame

Frame: https://ads.servenobid.com/sync?pid=316&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Frame ID: 684B9A1EB7F1D11E180A32BEF87D94BE
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Frame ID: E81DA43130AC77E23B456000BCB20193
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Frame ID: 4834B6E7126EC9B6839876290045EC62
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Frame ID: 95D2E4B31F8504AF59EA518CD2D1566D
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 7F37ADA911C3A8A72D3416576C0DF750
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 155D6DC36AF7CA5C680AE4AAB365A706
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
Frame ID: 0B09699430A14D8DA7F6A7ED777B46C9
Requests: 1 HTTP requests in this frame

Frame: https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Frame ID: 5BEA3AD384A5ABC49879CF5426802D7A
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 7EEB3BDD04C572D78F9943CFC846F031
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=u9f7xv84yssp
Frame ID: B947612B5711E208B8D24A8528AC91E6
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 1D2247F078C006A4376D522D0287B0D1
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 4488E41BCB76226F15C8782F0054A3D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Frame ID: 5BCA3A58321B6FA12C6516FB3692C5AD
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: 9D0E52E961E1A5A4DE5007DF4287A536
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
Frame ID: E681AAF5C576DDC8E6622AB20065226F
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: 5D607ECBDFD56A55D28B23840AAAF144
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
Frame ID: 35A2A205B3A65E2C4D7C4A55CA3972C6
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2240367196
Frame ID: 6D8A58E638CEB06069F8356878745AD2
Requests: 1 HTTP requests in this frame

Frame: https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=c1ab0a3ba8e76a50&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Frame ID: 21EF4526D7105994A0083A8E2CE9A41E
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Frame ID: E92BF21A188DBAA534594BC7B447ACBD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Frame ID: 24ADB30DEC8228F0692DB5B5F042273C
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Frame ID: EAE276524D944F478EAC926564E177C6
Requests: 1 HTTP requests in this frame

Frame: https://sync.missena.io/pubmatic/B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Frame ID: 10BAF5148FB2199312108C286BDA5B5C
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Frame ID: B5EAA168935DE8175D9082D2BD406CF5
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Frame ID: B6E217323AA28230FC5E09A7E6DBA458
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Frame ID: 8163B5A5B78EA3C5BB227E5659534A1A
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: D12ACA416B63FE44F5C3A60C55E5E4A1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 7E15A6B4618A2D2C8CFABAFA284EA404
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Frame ID: 754188B10A0CDBD7D13BB2DB20E4E830
Requests: 1 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Frame ID: E78BBAD07EA7ABA842C9E7DF8DDDD94B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Frame ID: 756CCFFC10A0F25D82134522A01D18CF
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Frame ID: 59BBED827461426A6FAE8606AEDD2BAE
Requests: 1 HTTP requests in this frame

Frame: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Frame ID: 6EEF1CD9421A46D49136FC032753E768
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Frame ID: 5B1D18C334C4DC5645DD2C886A7E392B
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
Frame ID: 0356FBECC63FC160311B9093EC8654DA
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU5380a3a6454e4a5fb1eccdb4fe927548&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Frame ID: F0A1F99A9976408484404D2C20BC25B6
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8F0F3A370CCB712C29CFEF782C46DD39
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pt721hksi1jt
Frame ID: 00F508F3980759D605495CC7198CED9E
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: D27F69649B90E1B2D8ECFCBD84C698CF
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Frame ID: 6B57571DAD46D1B72BBCD06F3F09FDD6
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Frame ID: 245EB46E10D98FF50058819DF873D2B6
Requests: 1 HTTP requests in this frame

Frame: https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Frame ID: F9F8FE2704845D8163701118D7756227
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
Frame ID: E1B05D7D9E52A6622F8CD4F10FB8F34E
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: C94F3F0E74B92B555FE410D837C32E82
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
Frame ID: 8EF2537EBA8574B6533D939DFDDBA68E
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6405436396
Frame ID: 6AD80657168500B61B17B0B95B8DAE44
Requests: 1 HTTP requests in this frame

Frame: https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Frame ID: F55173A2F799D849A91E13342BC2A3DC
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=pbm&i=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Frame ID: D5320256D98514E3BD400B5D7E3BE162
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: C56BBCFAFC9E4F73323F2FB12B2B8741
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2B82ECFE452E22554930A8B6B0FEAB5B
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 37C1636BE60CB93E78970EF6A2A31555
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Frame ID: EAECC0CE3D4361791D7C7F679E025EA8
Requests: 2 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1691431918991&gdpr=0&us_privacy=1---
Frame ID: 09780B50D0A31C4B517195198D9C7AEE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 35C25B10A1632FF9FA6C7698EC041EB8
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 41139EDCAC83791A49EA58EB073B5776
Requests: 6 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: D4BF96DA606CC6C2DD6C0A24716CA087
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/sdkloader/loader.js
Frame ID: 0CB30D501FDB8C2887ED09BE481DD8CC
Requests: 6 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/2058/CookieSync.html
Frame ID: F6B52EBEDF091389D99AC25D39EF4236
Requests: 4 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/2161/CookieSync.html
Frame ID: C5B860DC00DC81D35264F276DE787EEB
Requests: 4 HTTP requests in this frame

Frame: https://csync-eu.smartadserver.com/3668/CookieSync.html
Frame ID: 5DD2F6468C99B72DAD01236D8E9958F6
Requests: 4 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/6846326/766/2x2?ts=1691431922&type=h&gdpr=1&consent=
Frame ID: E062C11C911AF961BD4649AD779D1818
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: 868FB7144DAC319059248C2D37657776
Requests: 41 HTTP requests in this frame

Frame: https://feed.pghub.io/tag?gdpr=1&gdpr_consent=&referrer_url=https%3A%2F%2Fwww.google.com%2F&page_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&owner=P%26G&bp_id=showheroes&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Frame ID: 461CFF948A2A9597886175D85883E6F7
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=2058&dcid=14&gdpr=1&gdprc=
Frame ID: 3270C0A3D527DEBD465A143031B55E95
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Frame ID: 6FEBCE16CE4CD1F07190687A2D2DC7F2
Requests: 3 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: F8EFA17453D6268702A46D0100BC80AD
Requests: 38 HTTP requests in this frame

Frame: https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2908609224
Frame ID: EB3899CCDAEFFFBED6D5111D00429DE4
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=2058&dcid=4&iscname=false&cname=&gdpr=1&gdpr_consent=
Frame ID: 23F919F529BD0E0522351BCDAC624EEF
Requests: 4 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&us_privacy=1---
Frame ID: F1A41110197A52CEF83CD8AC4E4520CB
Requests: 2 HTTP requests in this frame

Frame: https://ad.yieldlab.net/d/6846326/766/2x2?ts=1691431926725&type=h&gdpr=1
Frame ID: E5900E981C78C06249BD84D3918404EE
Requests: 1 HTTP requests in this frame

Frame: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=14&gdpr=1&gdprc=
Frame ID: 4F0B209960C97D03CF8D720077424F5B
Requests: 4 HTTP requests in this frame

Frame: https://acdn.adnxs-simple.com/strikeforce/script.js
Frame ID: 0215E02C0CF0A5BCBA188563B6FD7E6B
Requests: 13 HTTP requests in this frame

Frame: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=n*%7C3%7CnH9A*&VF=9OE96H9EH9gOOgHH9Oc&ftMe=9&CdML=A&qdSQ=x(9c&SFt=ciB6(KA*O&SMSt=BuGfq11I51KIt_gaqUuvp2%3D%3D&SeFt=(H4HO696g&dFTQ=HAA0(4A&SS=K~&dS=Wb&Sa.C=)Z_n-ub&MFt=cX-Z*5-Hn&qMFt=vOZH4(4&aqqMd=9&eee=FWMw_8O)HEAt8HKQ)e.CJr4J.HqV4Vr4JUAdgLv8AyD22xcwOFeUDp)99mXi5ImHOT3exUu0e4IaWXWV4YH(ekUHW*fdCFA9ERDD7i)R*Sb%3D&s8eR=aqqMd%3A%2F%2F888PfrrfGQPSrC&Qs8eR=8gg~2%3AJJWWWPhCChIkPuCb&.dQ=4&G8=9&7ft=6&Ltq9=ciBO(2UH9&Ltq(=g44gA96H(&1tLqL=z103GQ.%3D994cz1aM%3DAz1Ft%3DAPA9Az103Ld.%3D(A9A99z103Q0M%3DAz103fF.d7%3DAz103F.qCt%3DAz103ea%3D6gK~2MIc)Wz103eMS%3DAAAAAA9z103dFTQ%3DHAA0(4Az103qCL0%3D9AAz103qCG3d7RRF0%3D%2FzSFqh%3DBuK~u)~ynzSs3RG%3DAztS%3DfSMDQ7D8Qdq9D1ztCC3t9%3DAztCC3t9A%3DAztCC3t9(%3D9ztCC3t96%3DAztCC3t94%3D9ztCC3t9O%3DHztCC3t9g%3DAztCC3t9c%3D4ztCC3t(%3DvztCC3t(9%3DD9ztCC3t((%3DAPA(ztCC3t(6%3D4ztCC3t(4%3DtQR3tQRztCC3t(c%3D4ztCC3t(E%3DAPAAztCC3tH%3DAztCC3tHA%3DAztCC3tH(%3DAztCC3tHH%3DAztCC3tHO%3DuZztCC3tHg%3DvztCC3t6%3D9AztCC3t6A%3DAztCC3t6(%3DAztCC3t6H%3DAztCC3t66%3DMertztCC3t64%3DAztCC3t6O%3D_ztCC3t49%3DAztCC3t4(%3DAPAAztCC3t4O%3DAztCC3tg%3DAztCC3tc%3DAztCC3G%3DAPA(gztCC3C9%3DAPA6EztCC3C9A%3D9PAAAztCC3C99%3D9PAAAztCC3C9(%3DAPOAHztCC3C9H%3D9PAAAztCC3C96%3D9PAAAztCC3C94%3D9PAA9ztCC3C9O%3DAP9cAztCC3C(%3DAPA64ztCC3C(9%3D9PAAAztCC3C(H%3D9PAAAztCC3C(6%3D9PAAAztCC3C(4%3D9PAAAztCC3C(E%3D9PAAAztCC3CH%3D9PAAAztCC3CHA%3D9PAAAztCC3CH6%3D9PAAAztCC3CHE%3D9gPAAAztCC3C6A%3D9gPAAAztCC3C4%3D9PAAAztCC3C4(%3DAPAg9ztCC3C4H%3D9PAAAztCC3C46%3D4PAAAztCC3C44%3D9PAAAztCC3C4g%3D9PAAAztCC3CO%3D9PAAAztCC3Cg%3DAPOAHztCC3CE%3D9PAAAztCC3e%3DAP9cAzQ3eMC%3DAPA6EzQeMC%3DAPA6EzaS%3DA%20%2B%20AzFaL%3DAzFqhMQ%3DZXXu~mBJ3~mX~_yn~uvzCfF%3D(cAc4gO6ze3SS%3DK~ze3FM%3DcAP(44PgPAze3dS%3D_Xze1r%3D43HzeQR3S.q%3DAzdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzdqt%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(HzV1e%3DAzVFdF1FGFqh%3DAzS1tM%3DAPAAOzFqhMQ3Ft%3D(9zdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzd7MMGh3qLf3Ft%3D(cAc4gO6zVFQ8L1FGFqh%3DAPAgA4gEzMrd%3DAzSLeeFQeyt%3DAzrf1Ft%3DAPA9Az1RGe%3DAPAAAztqS%3DQ731QztCC3QeMC%3DRLGdQztCC%3DaLeCr.hz1tMSLMt%3DAztLGf%3D7.Fdr.9(zF.dG%3DAzdr1M%3DzaqCG%3D9ztS7q%3D64ztrf1%3DAD9zF1S%3D9z&.qV=A&1teyt=6O(&CSR=6AgOc&htdMe=9&sLqMeQ=9&sLq1Ft=D9AH&SLtrCLF.=qT_DaxSGDxcUq-x6kjrFiUacqSHZMT7HMYcFMAQ6XT~%3D&hMGM=9&FdFt=H&LtV=*Q.QeLG%20JQLeSa&MfFt=M9(AA(A(E69cq(A(HAcAg9c9(&ddGt=%7B%22ddFM%22%3A%22cAP(44PgPA%22%2C%22ddSS%22%3A%22K~%22%2C%22dddS%22%3A%22_X%22%2C%22ddSqh%22%3A%22B.tQ.aQFC%22%7D&aqCGdeS=9&qSR3SCM=9
Frame ID: A885C1320F36AC8E8FBB14EAA1142A04
Requests: 5 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU42D0G6&https=1&itype=CM
Frame ID: 5C26FB86A75950358B13937E0A82CFF1
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU62QK31&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C461%2C462%2C3018%2C246%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Frame ID: 3FAC3FBC770F6DEC0F7444EAFE7A4C8D
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9027&pub_id=2235603
Frame ID: DF68CE3CC23E981586C749016DB5DDA4
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ravenjs.com/3.17.0/raven.min.js
Frame ID: FBCC4FB057CE637CEE5F284E1394AEBA
Requests: 38 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Frame ID: 24609DD1F83856BF7BC5FDF4A371ADCE
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: 2092F5F53DF9A4F46A2AE9B17E4834A5
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Cashola

Page URL History Show full URLs

  1. https://tinyurl.win/i/hTv8ofje1i Page URL
  2. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXvPmSr5SA... Page URL
  3. https://www.casho.la/trending/ HTTP 302
    https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /polyfill\.min\.js
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • tracker\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery-ui.*\.js

Page Statistics

1235
Requests

88 %
HTTPS

29 %
IPv6

192
Domains

349
Subdomains

255
IPs

21
Countries

31133 kB
Transfer

63957 kB
Size

233
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://tinyurl.win/i/hTv8ofje1i Page URL
  2. https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXvPmSr5SAAxV4GzQIHQKMB2sQFnoECBAQAQ&url=https://www.casho.la/trending/&usg=AOvVaw2eGscq0RYVQqkSoAoWl-P3&art%5B0%5D=aW8yczc0b2JuNTYzanUvNW4ySlFKcnFzN1B1bDhobz0-&art%5B1%5D=ejlQd3ZkRkV3Y3pqMkE9PQ--&knd=6huX_W7PcHsi1harjZRMfg-- Page URL
  3. https://www.casho.la/trending/ HTTP 302
    https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 28
  • https://platform.instagram.com/en_US/embeds.js HTTP 301
  • https://www.instagram.com/embed.js
Request Chain 29
  • https://www.tiktok.com/embed.js HTTP 302
  • https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Request Chain 35
  • https://casho.la/wp-content/uploads/2022/02/HeaderLogo1.png HTTP 301
  • https://www.casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
Request Chain 37
  • https://embed.sendtonews.com/player3/embedcode.js?fk=nydEIVUv&cid=13327&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.20.1/embed.js
Request Chain 50
  • https://casho.la/wp-content/uploads/2022/02/FooterLogo-Copy.jpg HTTP 301
  • https://www.casho.la/wp-content/uploads/2022/02/FooterLogo-Copy.jpg
Request Chain 67
  • https://d280h7aj1u7b0w.cloudfront.net/player3/embedcode.js?fk=nydEIVUv&cid=13327&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right HTTP 302
  • https://embedcdn.sendtonews.com/easy-stn-player/7.20.1/embed.js
Request Chain 84
  • https://casho.la/wp-content/uploads/2022/02/HeaderLogo1.png HTTP 301
  • https://www.casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
Request Chain 112
  • https://www.casho.la/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.casho.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Request Chain 155
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/www.casho.la/ROS?rnd=0.39241293187579673&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pbv=8.6.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F&e_pubcid=0c974440-dd3e-46f6-b53f-0fbf20d340ea HTTP 302
  • https://pbjs.e-planning.net/hb/1/2a156/1/www.casho.la/ROS?ct=1&r=pbjs&rnd=0.39241293187579673&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pbv=8.6.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F&e_pubcid=0c974440-dd3e-46f6-b53f-0fbf20d340ea
Request Chain 202
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=187cce2a-21ea-44c1-5c0e-915242d734b7&zdid=1258 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=187cce2a-21ea-44c1-5c0e-915242d734b7&zdid=1258&google_tc= HTTP 302
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECixDK1IVymBOsUu9rbkfbc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=187cce2a-21ea-44c1-5c0e-915242d734b7&zdid=1258
Request Chain 209
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.8262727 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=5730477144318325021;cb=0.8262727
Request Chain 210
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.8262727 HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%252Fudm%252Ffetch.pix%253Fpmid%253D%2523PMUID%3Bcb%3D0.8262727&rdf=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQwNTI0NTktQTNFMS00RkE4LUIxMUUtMEI4MjI2OUM3QTFD&gdpr=-1&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent= HTTP 302
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY} HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.8262727&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DB4052459-A3E1-4FA8-B11E-0B82269C7A1C&us_privacy=%24%7BUS_PRIVACY%7D HTTP 302
  • https://udmserve.net/udm/fetch.pix?pmid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Request Chain 211
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.8262727%3Bindx%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.8262727%3Bindx%3D&s=199174&C=1 HTTP 302
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.8262727;indx=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB
Request Chain 266
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm HTTP 302
  • https://s.cpx.to/sync?dsp_uid=CAESEIK2GfIaMJjfN431ipaO1HQ&dsp=dbm&google_cver=1
Request Chain 268
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12762%26ref%3Dhttps%253A%252F%252Fwww.google.com%252F%26url%3Dhttps%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F%26hn_ver%3D57%26fid%3D3bb29eab-7bce-4df0-ab0f-ea12b2a0b28b HTTP 302
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=5730477144318325021&pid=12762&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&hn_ver=57&fid=3bb29eab-7bce-4df0-ab0f-ea12b2a0b28b
Request Chain 269
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID HTTP 302
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Request Chain 366
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Request Chain 411
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID HTTP 302
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5730477144318325021
Request Chain 422
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc1ab0a3ba8e76a50%26uid%3D%24UID HTTP 302
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=c1ab0a3ba8e76a50&uid=5730477144318325021
Request Chain 423
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dc1ab0a3ba8e76a50%26uid%3D%24UID&partner=eplanning HTTP 302
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=c1ab0a3ba8e76a50&uid=ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
Request Chain 425
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%3Db337141cfdc8cf59%26fi%3Dc1ab0a3ba8e76a50 HTTP 302
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c1ab0a3ba8e76a50
Request Chain 438
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Request Chain 443
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=5730477144318325021
Request Chain 444
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=HHMDrRZHne9662hFSBakQJZZ
Request Chain 446
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1691431913383 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=1998988680 HTTP 302
  • https://sync.1rx.io/usersync/turn/7266735936752934681?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003 HTTP 302
  • https://ads.servenobid.com/sync?pid=321&uid=RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003
Request Chain 447
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5107433829258782300
Request Chain 449
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Request Chain 451
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID HTTP 302
  • https://ads.servenobid.com/sync?pid=346&uid=ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
Request Chain 454
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E HTTP 302
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Request Chain 456
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 489
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=de781c70-8abd-41e2-bb1c-2f7efc458b85&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Request Chain 496
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f6444ad7-dcbb-43a3-6164-527de0307f44&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f6444ad7-dcbb-43a3-6164-527de0307f44&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=81369816083266467084416187206224719126&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Request Chain 498
  • https://bn01.er.bemail.it/zeotap.php?_bid=f6444ad7-dcbb-43a3-6164-527de0307f44&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023080720-95187-0.306285001691431914-8141d2d9c428da24afcddd269c4beeb2&zdid=533&env=mWeb
Request Chain 499
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7264644754048153739&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Request Chain 501
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361 HTTP 307
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361&bounce=1&random=1699994656 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=.D6KMcnVO6EkFATit6PWGu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Request Chain 503
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f6444ad7-dcbb-43a3-6164-527de0307f44?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Request Chain 504
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-fu0Lwr1E2oqlaBg3XIg9Hnzl_z00Ba5JrQ--~A&zpartnerid=570&env=mWeb
Request Chain 505
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=aAxU2eTvcjk%2BYIeFPqpESQ00RC3T%2FsjV%2BS41iYitP1U%3D
Request Chain 509
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZNEz6gAAAyP6cAA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Request Chain 510
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PuKnXcfW&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=f6444ad7-dcbb-43a3-6164-527de0307f44
Request Chain 511
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6444ad7-dcbb-43a3-6164-527de0307f44&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6444ad7-dcbb-43a3-6164-527de0307f44&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361&dcc=t
Request Chain 513
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Request Chain 514
  • https://pixel.rubiconproject.com/token?pid=41544&puid=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=LL16VXOA-J-28RP&env=mWeb&zpartnerid=1770&gdpr=1
Request Chain 524
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gpp=&gpp_sid= HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gpp=&gpp_sid=&dcc=t
Request Chain 525
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid= HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESED6s5KU3UcnMilB_BjFYWCE&google_cver=1
Request Chain 526
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZNEz5XO7nUUIDozwdqgEWAAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPJunaKdEOgKzLaYPx62OWY&google_cver=1
Request Chain 530
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid= HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a8191d79-fbcb-48c4-a1c6-367c56cc7306
Request Chain 534
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5730477144318325021
Request Chain 535
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=affb49e9-0cc2-4344-98f0-bafc04e15f9c
Request Chain 536
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b%29%26gdpr%3D0 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_58c06190-b932-416d-b42a-7097546f8393&obuid=ENC(gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b)&gdpr=0 HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Request Chain 537
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=c7d895af-660a-4a86-8d38-b3bce6401937
Request Chain 538
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-23274dc7-b2a5-5112-533c-a9899e314bea$ip$80.255.7.104
Request Chain 539
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-f7sL4CJE2pdPSMetCmdiGaApWvl340zboCw3~A
Request Chain 540
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=8c48c19e-9d22-4c9e-97fa-763d6825accb
Request Chain 541
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 543
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=OI2Qe5kWumjVtXy0CPzd&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2T2JGJIWKNLLK52W22SWORMHSMCDKB5GIJTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2T2JGJIWKNLLK52W22SWORMHSMCDKB5GIJTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=OI2Qe5kWumjVtXy0CPzd&us_privacy=1---
Request Chain 544
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=36b73796-ef19-4f27-a528-af0524e6a54d
Request Chain 545
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=BGHQuwwB62a8&ev=1&pid=558355
Request Chain 546
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=7640565164426888160
Request Chain 548
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5730477144318325021
Request Chain 551
  • https://ad.turn.com/r/cs?pid=21 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7338793530790862617
Request Chain 552
  • https://p.rfihub.com/cm?in=1&pub=2079 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433829258782300
Request Chain 553
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_ HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6UW7pphb1Qt4HU5
Request Chain 555
  • https://ums.acuityplatform.com/tum?umid=8 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=810617862598
Request Chain 560
  • https://ad.360yield.com/server_match?gdpr=0&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D HTTP 302
  • https://sync.missena.io/improvedigital/36b73796-ef19-4f27-a528-af0524e6a54d
Request Chain 568
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=missena&endpoint=eu&gdpr=0 HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0
Request Chain 576
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=096922040378bc1b4ec1b12f&gdpr=0&gdpr_consent=
Request Chain 577
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ZDXVYrqtkN5A&ev=1&pid=560288&gdpr_consent=&gdpr=0
Request Chain 579
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partneruserid%3DPARTNER_USER_ID%26gdpr%3DGDPR%26gdpr_consent%3DGDPR_CONSENT&gdpr=0&gdpr_consent= HTTP 307
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=f98f03a63ac7d4d615f6bb042ec2d483&gdpr=0&gdpr_consent=0
Request Chain 580
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&r=https://sync.missena.io/richaudience/%5BPDID%5D HTTP 302
  • https://sync.missena.io/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
Request Chain 581
  • https://sync.smartadserver.com/getuid?gdpr=0&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D HTTP 302
  • https://sync.smartadserver.com/getuid?gdpr=0&nwid=3927&url=https://sync.missena.io/smart/[sas_uid]&cklb=1 HTTP 302
  • https://sync.missena.io/smart/7640565164426888160
Request Chain 582
  • https://csync.smilewanted.com/getuid?gdpr=0&pubid=3924&redirect=https%3A%2F%2Fsync.missena.io%2Fsmilewanted%2F%24UID&source=openrtb-via-prebid-server HTTP 302
  • https://sync.missena.io/smilewanted/b1f810163d32d0b701c8bfa0f426ccd7
Request Chain 584
  • https://secure.adnxs.com/getuid?https://sync.missena.io/xandr/$UID?fu&gdpr=0 HTTP 302
  • https://sync.missena.io/xandr/5730477144318325021?fu&gdpr=0
Request Chain 588
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&url=https%3A%2F%2Fsync.missena.io%2Fadyoulike%2F%7BuserId%7D HTTP 307
  • https://sync.missena.io/adyoulike/1a503959ebcbd5f5cc7a854e6acf47b4
Request Chain 591
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZNEz6gAAAyP6cAA4 HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=0&gdpr_consent=&_test=ZNEz6gAAAyP6cAA4
Request Chain 595
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNEz68Co8X8AAGhRQwcAAAAA
Request Chain 598
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum&tc=1
Request Chain 611
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 619
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEwxNlZYT0EtSi0yOFJQ HTTP 302
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAnzqn0EsU9BBirZA6qFLNY&google_cver=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwxNlZYT0EtSi0yOFJQ&google_push=
Request Chain 620
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2EzYzdhYmQxMjZjM2FmZDA2MGExMGNiZjgwNWJiNDFhYTY1NDBiZA
Request Chain 621
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MqI8EXDoCgPUSASZ8xEX-Q?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KzQot3FE2oK1lyyYLjeC4hAxwDtoSxo3RS3V_Q--~A
Request Chain 622
  • https://token.rubiconproject.com/token?pid=36584 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL16VXOA-J-28RP
Request Chain 624
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id= HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iIBlWBrzQ1qJlLLa9w74dQ&rk=usync-na HTTP 302
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iIBlWBrzQ1qJlLLa9w74dQ
Request Chain 625
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBPdMAJ-gXHrXrNq0EmEKgs&google_cver=1
Request Chain 634
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=5730477144318325021
Request Chain 635
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=1ZKQJ9CVkSHOx8Yn08DZcteQxCfOkZIu1JB5ofj3
Request Chain 636
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_58c06190-b932-416d-b42a-7097546f8393&obuid=ENC(gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b) HTTP 302
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Request Chain 638
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-23274dc7-b2a5-5112-533c-a9899e314bea$ip$80.255.7.104
Request Chain 639
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-f7sL4CJE2pdPSMetCmdiGaApWvl340zboCw3~A
Request Chain 640
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=8c48c19e-9d22-4c9e-97fa-763d6825accb
Request Chain 641
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 643
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&i=
Request Chain 644
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=36b73796-ef19-4f27-a528-af0524e6a54d
Request Chain 645
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=go9xFeY0zaTa&ev=1&pid=558355
Request Chain 676
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=&gdpr_consent=
Request Chain 680
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNEz7MCo8X8AAGhRQyYAAAAA
Request Chain 697
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
Request Chain 698
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4561609198
Request Chain 700
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID} HTTP 302
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-1471655547840064769 HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/35b820c5-b7e0-52db-a8c3-b287cc12816b
Request Chain 707
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum
Request Chain 708
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 710
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent= HTTP 302
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/1d41fe77cabbafcda93deed5caa6d1a7?gdpr_consent=&gdpr=0
Request Chain 754
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5959916048236780741
Request Chain 756
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829258782300
Request Chain 758
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY
Request Chain 759
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730477144318325021&gdpr=0&gdpr_consent=
Request Chain 761
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tAUkWaPhT6ixHguCJpx6HA%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Request Chain 763
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Request Chain 764
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWkweWZJMnlScUVSQ21KbTVlc0RibkxYZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%253D%253D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://a.audrte.com/a?adform_uid=4253700080408965155&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D HTTP 302
  • https://a.audrte.com/p
Request Chain 765
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBWDxylDhhIbGn_qkq-qF0g&google_cver=1
Request Chain 767
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4253700080408965155
Request Chain 774
  • https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true HTTP 302
  • https://btloader.com/tag?o=5409916045492224&upapi=true
Request Chain 794
  • https://c.clarity.ms/c.gif HTTP 302
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DAFF0136E70D4C4E88A01015843CA421&RedC=c.clarity.ms&MXFR=296C28B66DF364AE0D093BD069F36A57 HTTP 302
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DAFF0136E70D4C4E88A01015843CA421&MUID=25D8FA5AAF8860B516AEE93CAE2461D8
Request Chain 805
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=casho.la&sn=ChromeSyncframe&so=0&topUrl=www.casho.la&cw=1&lsw=1&topicsavail=0&fledgeavail=0 HTTP 302
  • https://mug.criteo.com/sid?cpp=-tKnPnxEUHJYa2NYdEx5aXdZRGVlbjUxTmx0UWJxbHN2ZndjNmQrRWNSQ1lBRitYaUwvZkJRYmxNdlRxNVpkUGlyTjNucWY4VTN4YWJ1bFdkVnZ0SjYwYXZ6ZGlMdzZjUFozd0J4a2gvMmlIUFhJL2xoQUF5UEx6RVZFRUlWWVhaeHdrQUNyeWdkaE9HYytaYlBSSGFIdzhuY0hta0tUMWgwdy9raVlKVWIwWGZEdkZYNnVkbm9TZzlvOWhHMkYxOW9VMG5jZ013b2tLMSs4dnZTNEhINkxHdlpHY1ZKWVZYbVZwbmtxbEVvOWlXZGQwb1doajNVZFQ4VWtwZVA5MHdPU3BncWUxK2dlNW52c1F3cDFaK1hRRk9rUT09fA&cppv=2
Request Chain 854
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Request Chain 855
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Request Chain 857
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 860
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 861
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=dad5d7eacb4c82271591623a21fe8fb4&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
Request Chain 864
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 307
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=c0778beb-cab4-431b-8c89-03c9253aaa70&ssp=pubmatic
Request Chain 865
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 867
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79a9aa0-b190-4b06-aaaa-a6f2009ad89d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 869
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 870
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0 HTTP 302
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4253700080408965155&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=328034c53ba2eadd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
Request Chain 874
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433829258782300&expires=30&ssp=pubmatic
Request Chain 875
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Request Chain 876
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Request Chain 877
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 880
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b4a62d61-cf1a-4e04-819f-85cece19e5ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 881
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 882
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNnZFN0pvbWdBQUNmbjFleXF2Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAJN3U7JomgAACjQXusM1g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7640565164426888160&gdpr=0&gdpr_consent= HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAJN3U7JomgAACjQXusM1g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7640565164426888160%26gdpr%3D0%26gdpr_consent%3D%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7640565164426888160&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJN3U7JomgAACjQXusM1g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
Request Chain 885
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=u9f7xv84yssp
Request Chain 886
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 888
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Request Chain 890
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=328034c53ba2eadd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYXSaYWjVYhgXngQQ%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYXSaYWjVYhgXngQQ%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
Request Chain 892
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
Request Chain 893
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2240367196
Request Chain 896
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5730477144318325021
Request Chain 898
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 899
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Request Chain 903
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_e7d263b1-30fa-44da-81ce-9af37745264c&bsw_param=affb49e9-0cc2-4344-98f0-bafc04e15f9c&expires=10&gdpr=0&gdpr_consent=&gdpr_pd= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 904
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Request Chain 905
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Request Chain 906
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 909
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 910
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=dad5d7eacb4c82271591623a21fe8fb4&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
Request Chain 914
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CONSENT%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
Request Chain 915
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Request Chain 916
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Request Chain 917
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 920
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bb1d93db-425b-43fa-9936-fd1cfcd52e63&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 921
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 924
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 925
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent= HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=dad5d7eacb4c82271591623a21fe8fb4&gdpr=0 HTTP 302
  • https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
Request Chain 929
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433829258782300&expires=30&ssp=pubmatic
Request Chain 930
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Request Chain 931
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Request Chain 932
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 935
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1a4016d9-9e3a-4a62-a147-f95655fa907a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 936
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token} HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Request Chain 938
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKTjNVN0pvbWdBQUNqUVh1c00xZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 303
  • https://bh.contextweb.com/bh/rtset?ev=AAJN3U7JomgAACjQXusM1g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJN3U7JomgAACjQXusM1g&pid=558502&do=add&gdpr=0 HTTP 303
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAJN3U7JomgAACjQXusM1g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D3%26userid%3DSMART_USER_ID&gdpr=0 HTTP 302
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7640565164426888160&gdpr=0&gdpr_consent= HTTP 303
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
Request Chain 939
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912 HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU5380a3a6454e4a5fb1eccdb4fe927548&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Request Chain 941
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pt721hksi1jt
Request Chain 942
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 944
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent= HTTP 302
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr%3D0%26gdpr_consent%3D&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Request Chain 946
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent= HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid%26gdpr%3D0%26gdpr_consent%3D%25_gdpr_consent HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=328034c53ba2eadd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DNrGB8F9IYXSaYWjVYhgXngQQ%2526gdpr%253D0%2526gdpr_consent%253D HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DNrGB8F9IYXSaYWjVYhgXngQQ%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
Request Chain 947
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5730477144318325021
Request Chain 949
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
Request Chain 950
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6405436396
Request Chain 1004
  • https://csync-global.smartadserver.com/2058/CookieSync.html HTTP 302
  • https://csync-eu.smartadserver.com/2058/CookieSync.html
Request Chain 1005
  • https://csync-global.smartadserver.com/2161/CookieSync.html HTTP 302
  • https://csync-eu.smartadserver.com/2161/CookieSync.html
Request Chain 1006
  • https://csync-global.smartadserver.com/3668/CookieSync.html HTTP 302
  • https://csync-eu.smartadserver.com/3668/CookieSync.html
Request Chain 1016
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu

1235 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
hTv8ofje1i
tinyurl.win/i/ 		1 KB
909 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3037::6815:48a7 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.27
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7f317bdbcf1239bc-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FcCuoOSHISn9o0v72yf99ETupaVJniqs9TEUKBDEKtFsyqboARRGUq2oujUAepeQb6xdPEozKja2CTpcFLQbZ1bDs10mS7T5iKV1F1VbM3yvVe1NoEOkhLkUvMEUsVLDxbfR9o%2FNkiAL5w%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/8.0.27
url
www.google.com/ 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXvPmSr5SAAxV4GzQIHQKMB2sQFnoECBAQAQ&url=https://www.casho.la/trending/&usg=AOvVaw2eGscq0RYVQqkSoAoWl-P3&art%5B0%5D=aW8yczc0b2JuNTYzanUvNW4ySlFKcnFzN1B1bDhobz0-&art%5B1%5D=ejlQd3ZkRkV3Y3pqMkE9PQ--&knd=6huX_W7PcHsi1harjZRMfg--
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
gws /
Resource Hash
Security Headers
Name Value
Content-Security-Policy object-src 'none';base-uri 'self';script-src 'nonce-ew9n6iMc5miBu9Co_Gf3qg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
Strict-Transport-Security max-age=31536000
X-Xss-Protection 0

Request headers

Referer
https://tinyurl.win/i/hTv8ofje1i
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA-Platform Sec-CH-UA-Platform-Version Sec-CH-UA-Full-Version Sec-CH-UA-Arch Sec-CH-UA-Model Sec-CH-UA-Bitness Sec-CH-UA-Full-Version-List Sec-CH-UA-WoW64
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-encoding
br
content-length
553
content-security-policy
object-src 'none';base-uri 'self';script-src 'nonce-ew9n6iMc5miBu9Co_Gf3qg' 'strict-dynamic' 'report-sample' 'unsafe-eval' 'unsafe-inline' https: http:;report-uri https://csp.withgoogle.com/csp/gws/other
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:45 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
origin-trial
Ap+qNlnLzJDKSmEHjzM5ilaa908GuehlLqGb6ezME5lkhelj20qVzfv06zPmQ3LodoeujZuphAolrnhnPA8w4AIAAABfeyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJQZXJtaXNzaW9uc1BvbGljeVVubG9hZCIsImV4cGlyeSI6MTY4NTY2Mzk5OX0= AvudrjMZqL7335p1KLV2lHo1kxdMeIN0dUI15d0CPz9dovVLCcXk8OAqjho1DX4s6NbHbA/AGobuGvcZv0drGgQAAAB9eyJvcmlnaW4iOiJodHRwczovL3d3dy5nb29nbGUuY29tOjQ0MyIsImZlYXR1cmUiOiJCYWNrRm9yd2FyZENhY2hlTm90UmVzdG9yZWRSZWFzb25zIiwiZXhwaXJ5IjoxNjkxNTM5MTk5LCJpc1N1YmRvbWFpbiI6dHJ1ZX0=
p3p
CP="This is not a P3P policy! See g.co/p3phelp for more info."
permissions-policy
unload=()
pragma
no-cache
server
gws
strict-transport-security
max-age=31536000
x-xss-protection
0
Primary Request /
www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Redirect Chain
  • https://www.casho.la/trending/
  • https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
88 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Requested by
Host: www.google.com
URL: https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXvPmSr5SAAxV4GzQIHQKMB2sQFnoECBAQAQ&url=https://www.casho.la/trending/&usg=AOvVaw2eGscq0RYVQqkSoAoWl-P3&art%5B0%5D=aW8yczc0b2JuNTYzanUvNW4ySlFKcnFzN1B1bDhobz0-&art%5B1%5D=ejlQd3ZkRkV3Y3pqMkE9PQ--&knd=6huX_W7PcHsi1harjZRMfg--
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/8.0.28
Resource Hash
d1ef1cc861273478f558e6e6b04cb5ea8c2a86c248d10a4d2c22e8b606018796

Request headers

Referer
https://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=&cad=rja&uact=8&ved=2ahUKEwiXvPmSr5SAAxV4GzQIHQKMB2sQFnoECBAQAQ&url=https://www.casho.la/trending/&usg=AOvVaw2eGscq0RYVQqkSoAoWl-P3&art%5B0%5D=aW8yczc0b2JuNTYzanUvNW4ySlFKcnFzN1B1bDhobz0-&art%5B1%5D=ejlQd3ZkRkV3Y3pqMkE9PQ--&knd=6huX_W7PcHsi1harjZRMfg--
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
7f317be5fc476913-FRA
content-encoding
br
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:46 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
refresh
21;url=https://www.casho.la/trending/new-york-times-employees-returns-to-office-after-protest/
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ob7oQr5OvOrpkdbEE%2BYev5csjXRQbN87vyx1vTvtNR7W%2B0Tyo%2BzrW6wGmMnanXT9QjF6qA3mLE0w6xZCUqz7GCZfMR9nebyRqx5NGMTyqhy7y1Xee0RP%2FBFHJiY9%2B8r4kO3Di4bzwFMadQ%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-envoy-upstream-service-time
12
x-powered-by
PHP/8.0.28

Redirect headers

cache-control
no-store, no-cache
cf-cache-status
DYNAMIC
cf-ray
7f317be07bbc6913-FRA
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:45 GMT
expires
Thu, 19 Nov 1981 08:52:00 GMT
location
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
pragma
no-cache
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DI%2BNi0yp5g%2FbgoR06cdsDXkUoE69Vjpx4u5d9EnhbWws1%2BBZpOCPhsNFJSJoQo8h9x%2FRBeT4LgvenEkwaGDYNWlnbbUe69i41bPGlEnE26QOOUkAQ7YClho81yeSU8q%2B77V4LEJQZ0g2aA%3D%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
x-envoy-upstream-service-time
8
x-powered-by
PHP/8.0.28
player.js
cdn.unibotscdn.com/ubplayer/ 		251 KB
95 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/player.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
043f529c0577388ad89a0f91d6fc6d7c0a471912cab404b02d02cdce303a0cb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-588
cdn-cachedat
08/03/2023 08:06:40
cdn-pullzone
873945
last-modified
Thu, 03 Aug 2023 08:06:21 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
645
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64cb5ffd-3ed84"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
a3abcc3dbf9af01765e4ab346dd348f5
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
h.js
cdn.unblockia.com/ 		164 KB
39 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unblockia.com/h.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:2e00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
m8vKRZ4OANVjVfMIKL3cKYiXKt6EM9QQ
content-encoding
gzip
via
1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
date
Sun, 06 Aug 2023 20:35:33 GMT
x-amz-cf-pop
ZRH55-P1
age
77774
x-amz-server-side-encryption
AES256
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:eu-west-1:987257285531:build/unblockia-loader-codebuild-project:4e52eb3f-761b-4c10-a85a-162fb4fa3980
x-cache
Hit from cloudfront
x-amz-meta-codebuild-content-md5
fb4d4b7b1d35720e2d2481016ef4369b
last-modified
Tue, 20 Jun 2023 10:06:46 GMT
server
AmazonS3
etag
W/"bc5af0220c4116294c4e9c72ae4e244c"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
x-amz-meta-codebuild-content-sha256
02f1ef29ead1d705cce351046cded37a79615ae12624547bfa0e8307765c8765
x-amz-cf-id
e7f8acLXbZDiH0PgNdLTdlZzLSCUzjjCU6kel4DocokB8wYKsx3kcg==
embed.js
d280h7aj1u7b0w.cloudfront.net/shim/ 		1 KB
931 B 		Script
General
Check archive.org
Download Go to
Full URL
https://d280h7aj1u7b0w.cloudfront.net/shim/embed.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2490:b200:2:aa19:6400:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3817329b2b0306df1b2adbc5b0def56d41ca48ee151a09fc0fa6a919ff42035b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:41 GMT
content-encoding
br
via
1.1 6e5ec1ef7875ec0751cb61200df7f212.cloudfront.net (CloudFront), 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
x-amz-version-id
GQVNdTbhuYVu95RoCQuDPtw7KDf5yUki
last-modified
Mon, 21 Nov 2022 20:34:57 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P7, FRA56-P6
age
7
etag
W/"896825c9e9de43fb9923c25966b68015"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript
cache-control
no-cache
x-amz-cf-id
gIpK90sEnnyEJOTAu_y-XaCry-Z52GsjN_5__tgEkMMS-FfPK6rfRA==
ad-manager.min.js
hb.vntsm.com/v3/live/ 		990 KB
293 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v3/live/ad-manager.min.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
62b0be6cd8e64b5f6e54a928a380439185061d122b32ec60008a66d6fb5092db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
cdn-cachedat
08/07/2023 16:40:54
cdn-pullzone
131999
last-modified
Mon, 31 Jul 2023 12:39:20 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"b572ef261e1e9473298fc69ebf7b3f11"
vary
Accept-Encoding, Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
application/javascript
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
cache-control
public, max-age=86400
x-bl
0
cdn-requestid
e35a99502401630368a7104796844f2d
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
style.min.css
www.casho.la/wp-includes/css/dist/block-library/ 		95 KB
13 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-includes/css/dist/block-library/style.min.css?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:27:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94663
etag
W/"3162979840"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WRg353zYXLK6Giaeie41jI1Pv0utUfOeJvxVsMGBQgSiIOhamhUVqqalJ82hx87fDweVw2csLremu414kCi7gkL4OyzMAsHw2OIaO4vXcm4hUz1ye8wcxnNacBePaafahf7f%2BNEfIXb7yA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
x-envoy-upstream-service-time
11
cf-ray
7f317be82f816913-FRA
expires
Tue, 05 Sep 2023 15:54:03 GMT
classic-themes.min.css
www.casho.la/wp-includes/css/ 		291 B
523 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-includes/css/classic-themes.min.css?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:27:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
22403
etag
W/"2773013709"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tp9z3O3oVYavEmwlJ57IVEI4Yvxf%2FUr0WB7WT8X9ng7ZjSPvFFUWwOCUbbfXpgsLNOrXg9ldZ4GTJNkAr1OoPZSzmdz4E9BqoJ6FmgIFriyWUD5mpgW5BP4Vdg9%2BWDh87APIpHMSOl5EfQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
cf-ray
7f317be82f836913-FRA
expires
Wed, 06 Sep 2023 11:58:23 GMT
font-theme.css
www.casho.la/wp-content/plugins/theia-post-slider/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/theia-post-slider/css/font-theme.css?ver=1.15.1
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5bf3f8dc9d9dcd608393de3bd8afbeedd5077039b595aaba4529064dbcbe89

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94662
cf-polished
origSize=3030
x-envoy-upstream-service-time
16
cf-bgj
minify
last-modified
Wed, 09 Feb 2022 12:40:12 GMT
server
cloudflare
etag
W/"1105056466"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=COevUxdBelJ3V0WQ%2F4Fk62EfjH2AbKcU4SMAa1knkf9VK5YG7BTP6hMUu4n5jqju0l9JHtS4XGLJHd1211AzG4TN%2BTjb8ly9XW6nv6w1Ob1dCUEKmVNWKfcWXV48h%2FGTWE%2BUGgIrs5qVbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
cf-ray
7f317be82f856913-FRA
expires
Tue, 05 Sep 2023 15:54:04 GMT
style.css
www.casho.la/wp-content/plugins/theia-post-slider/fonts/ 		4 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/theia-post-slider/fonts/style.css?ver=1.15.1
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b7bcc637896f680fc74dafaa350cf28a3480d121fad51e73c35ce26b5bb51738

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 09 Feb 2022 12:40:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"2745016447"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4TWwOyKLr0sjUMF7M6EYU%2Fctr8DO1HqTzfPxSH89t2XvB8E8ziA8eTZZCDEnRAW91fot7MSw5VeqqwBf92CNs5xFw5i1Z50SWp%2FruQGtlKzhZdKAb%2BHec37%2Bfpau8gXO6VOZr1ABdyYjeA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
cf-ray
7f317be82f876913-FRA
expires
Wed, 06 Sep 2023 18:11:46 GMT
wp-automatic.css
www.casho.la/wp-content/plugins/wp-automatic/css/ 		2 KB
874 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/wp-automatic/css/wp-automatic.css?ver=1.0.0
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
da26f75773d686f672adddeabc4378a593a11845f01c01dbd2c941744d2ff96a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94662
cf-polished
origSize=2713
x-envoy-upstream-service-time
2
cf-bgj
minify
last-modified
Mon, 31 Jul 2023 11:40:17 GMT
server
cloudflare
etag
W/"1885326951"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2rRGuewFR8VzJLifetsuAIaE4pEBwWfiEyIblawU2WvD2KmW%2BVtYRDnMWWq6Z%2BWVArwBQUz40nfABXIQdfs4%2FcHH5XUZPNamJXyfresm37e8s7jStZR%2FxigcGyQHuIYYXBG79xdz7BZ7Fw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
cf-ray
7f317be83f8a6913-FRA
expires
Tue, 05 Sep 2023 15:54:04 GMT
jquery-ui.css
ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/ 		36 KB
36 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jqueryui/1.12.1/themes/smoothness/jquery-ui.css?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 06 Aug 2023 00:14:48 GMT
x-content-type-options
nosniff
age
151018
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
36536
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/css; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 05 Aug 2024 00:14:48 GMT
style.css
www.casho.la/wp-content/themes/zoxpress/ 		147 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/themes/zoxpress/style.css?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b868c8c1971347e8ad2829c8bb8bb1c472ed71fbf8e794d5042fb1987816fbd3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94662
cf-polished
origSize=184315
x-envoy-upstream-service-time
11
cf-bgj
minify
last-modified
Sat, 17 Dec 2022 04:30:38 GMT
server
cloudflare
etag
W/"330811921"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PQUlPLpghUTAxXydKCA%2Bm5bVysZBqEghEf5oo3Rb%2Fxgsew2Bl0LKaY4NFkXPIL81BpVP0vsUJVvSfluNjzISYzPD%2FWsh2aKTMSK8dOAaW1O6HTP71jr0l5ssivAAxJZPmSbMMTxOBJc6vg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
cf-ray
7f317be83f8d6913-FRA
expires
Tue, 05 Sep 2023 15:54:04 GMT
wp-emoji-release.min.js
www.casho.la/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-includes/js/wp-emoji-release.min.js?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Wed, 29 Mar 2023 20:27:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"4209285872"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7e8HiUwHp3F12HbgYV%2B%2BETshz5czxsuaQK7bzSpe64jYzoTzaNnOKVld2JmDRxmpJvk2%2B8Mfaakjzrj6D%2F2xmD764NTvONFYQFRNiRc%2FzZ0%2BL72w0T7bNYmqQWSPINHq9nF5e9jm2VukNQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
cf-ray
7f317bec3dc36913-FRA
expires
Wed, 06 Sep 2023 18:11:47 GMT
all.css
use.fontawesome.com/releases/v5.5.0/css/ 		50 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
JK7C9AD7T8RJPT3W
age
1513865
alt-svc
h3=":443"; ma=86400
x-amz-id-2
E2psJmRLMSkKIFTmwxNGCs4mWZ5ClcEqOsMgILZtUDy4LTMyoRfvpXgt1BH1CtV0r6ns1R8iIHMKWRPhnCjgAA==
last-modified
Wed, 30 Jun 2021 15:43:32 GMT
server
cloudflare
etag
W/"1cc6c92172d124fbd305ba3d8e263333"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o5PxGe6%2FxfiqvNR8qUlMj%2BcMBQjhGgWGfJ5Z0e%2BD9yr2NY01vIB%2F2F2Kk7GTLH2d06OEYqAVyQ%2BHWUx79yJ74f%2FKAZbBpeDXUUvgz8ViOng82YfX8jHSfwmBiGLhiFuge5ub0IYFUJV%2Bb5tIo%2BwV1Zcj"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=31556926
cf-ray
7f317bea2d2d3606-FRA
style.css
www.casho.la/wp-content/themes/zoxpress-child/ 		0
369 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/themes/zoxpress-child/style.css?ver=1.0.0
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94661
cf-polished
origSize=546
x-envoy-upstream-service-time
1
content-length
0
cf-bgj
minify
last-modified
Wed, 09 Feb 2022 12:35:03 GMT
server
cloudflare
etag
"2768092036"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AXFVdGigpKud8aGg68PuYj9T4BnML42yXiBKix6GRx3dzAjT9Yhl51h9uqbkeUYcRubErmfMDQtTYDe202hL06R8j5vValFggIEGMP274tGgeT5eeVbjGuiKRKZeLVjT09fB%2BIPwkHIiIg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7f317be9191c6913-FRA
expires
Tue, 05 Sep 2023 15:54:05 GMT
all.css
www.casho.la/wp-content/themes/zoxpress-child/font-awesome/css/ 		0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUN%2B5CDVfKdZQgBy%2F4tLhRkyvxOPV4LbiXSoGI1SjgHhRNf9KFyRur75tfD4XpMt0OWJuxl139epZVDKQ292H9Xsy79iJTpLkegsEVNtEIlpe9uEXHsiMFp7CvFt8SiSpFdlzuQ4BOPfSQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
x-envoy-upstream-service-time
1
cf-ray
7f317be919216913-FRA
css
fonts.googleapis.com/ 		170 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPT+Serif%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
f2339c794c00a2ddb2a2a8a7488c12e16abd739f57bad967f8fbf8147e47fdcc
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 18:11:46 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Aug 2023 18:11:46 GMT
media-queries.css
www.casho.la/wp-content/themes/zoxpress/css/ 		139 KB
12 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/themes/zoxpress/css/media-queries.css?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d643b952a4f6528358b25e2f30a9f2b16c48dcaa4c33036c04d89436bdb7fc2e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94661
cf-polished
origSize=181517
x-envoy-upstream-service-time
7
cf-bgj
minify
last-modified
Sat, 17 Dec 2022 04:30:38 GMT
server
cloudflare
etag
W/"2096613974"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zg8ZV%2BixoJ8GA2vk1cLUC5zT9z9gcHG4HPga8K05S2YrY7LMr3OBUx5w7es1N7ccgdVBJPyhnVqSPXloDUfaj0S6jkxSoQ4wYXMptaw2Br37z78n43HSQtTEUUyuuhq5MxHVZxdW8LrONQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
cache-control
max-age=2592000
cf-ray
7f317be919256913-FRA
expires
Tue, 05 Sep 2023 15:54:04 GMT
jquery.min.js
www.casho.la/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-includes/js/jquery/jquery.min.js?ver=3.6.4
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:27:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
29205
etag
W/"868167339"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FpYAznCF%2BeHMXD6mZxqWY%2BDsSXMuGMHsAuhEhwZXAfEWc9OWf4ydnc0GmERRUEAeZRB2ENKBe4IVes7csQ41zvfdkkOZ8uJG7p7sSUzqAA9dLtRrTcSbOtsJamDj5dkAlCzUgf6VYoilMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
x-envoy-upstream-service-time
4
cf-ray
7f317be919276913-FRA
expires
Wed, 06 Sep 2023 10:05:00 GMT
jquery-migrate.min.js
www.casho.la/wp-includes/js/jquery/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.4.0
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:27:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94661
etag
W/"3136036567"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8gG6RWy76Rh0eYDeQHjjQTDLMVe7k3Qekdoa%2Bbr%2FvDNxgGNI6v%2FHAze%2FU65YfCRnH9PT%2BNHTn8PlE2up%2BpRs1Z2O8sYv%2FJvKMeC3nHKl2cVP0KxQwLRe7KYoaTbJ4RYz7b7bNFLwpS5uGg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
x-envoy-upstream-service-time
11
cf-ray
7f317be9192a6913-FRA
expires
Tue, 05 Sep 2023 15:54:04 GMT
jquery.history.js
www.casho.la/wp-content/plugins/theia-post-slider/js/balupton-history.js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/theia-post-slider/js/balupton-history.js/jquery.history.js?ver=1.7.1
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c54ab568b73e88af409e7615e9c6730d701234ebe9d64b131a08fccb0bef3deb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94661
x-envoy-upstream-service-time
2
cf-bgj
minify
last-modified
Wed, 09 Feb 2022 12:40:12 GMT
server
cloudflare
etag
W/"2730900145"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DDxKUC30K%2Bl8yxDzJXOXz6DybdI70pnloy4seBPFIbugmdyrB3GyBG9yAfM8WZVSAftHOPI%2BWbCkhc%2FvcECU5Ji7tlugAoWAHNOMbzXvHp4ezTGhuJ39FcyJI0bm0ouOYdrd7s5QG16Fzw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317be9192c6913-FRA
expires
Tue, 05 Sep 2023 15:54:05 GMT
async.min.js
www.casho.la/wp-content/plugins/theia-post-slider/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/theia-post-slider/js/async.min.js?ver=14.09.2014
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42f8505b4b6d5476091672c8ebc27d1ed2b9d21a68890145135578a6737ef053

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Feb 2022 12:40:12 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94661
etag
W/"2715592220"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BYy2xQlRQJ5wyJFREZi2a%2BqjEEosK6oQ%2B6kQw1RhDjprjt4oyFNYfdIJ3ApR9trzf%2BE995VtRjlkBz3gUFwO18KyLZ%2FJX%2BLNHlv1h2gP4KyaW7TW%2Bu%2F%2FlR50Sdk932gxzeiMJqnMZjE%2FTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
cf-ray
7f317be929306913-FRA
expires
Tue, 05 Sep 2023 15:54:05 GMT
tps.js
www.casho.la/wp-content/plugins/theia-post-slider/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/theia-post-slider/js/tps.js?ver=1.15.1
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
41514feeb38f4f3d0fcc41d00d04c744e0e534930b030ca6efc0eedb892022ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94661
cf-polished
origSize=35644
x-envoy-upstream-service-time
2
cf-bgj
minify
last-modified
Wed, 09 Feb 2022 12:40:12 GMT
server
cloudflare
etag
W/"1677557445"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Apzo2HblZl06p9%2BAxugsm7JLY8jsjrN3eoG7k48%2B5L1v7EsPItPeeFxrNk5HlZzhkxYnpA0sCiosARQ16gLyW7k5AeUnPxi8YrkKvn%2BePDCRloO2b2%2FBOB7ba4rpm2iDrG%2Fx7wqGo%2BOuuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317be929326913-FRA
expires
Tue, 05 Sep 2023 15:54:05 GMT
main.js
www.casho.la/wp-content/plugins/theia-post-slider/js/ 		707 B
731 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/theia-post-slider/js/main.js?ver=1.15.1
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f2914edb33157588c8d440c36f1ea06652c133febd1719a344d79d078ec6c41a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94662
cf-polished
origSize=1036
x-envoy-upstream-service-time
1
cf-bgj
minify
last-modified
Wed, 09 Feb 2022 12:40:12 GMT
server
cloudflare
etag
W/"2143929857"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=G6yEuF8Vi4wtMgY2Nc%2FMMQkmjjv7LixPn4T%2F2%2B7G78dktMo5P%2FReDlINKV1vDlW2zSaIdAVmj%2FJCplb7nqPszVnPHdK0PjmFTu8PglhRDPji0HQAW%2BkvbjCVK%2BGo869Q8OG5gCF56Mtq%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317be929346913-FRA
expires
Tue, 05 Sep 2023 15:54:04 GMT
tps-transition-slide.js
www.casho.la/wp-content/plugins/theia-post-slider/js/ 		2 KB
839 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/theia-post-slider/js/tps-transition-slide.js?ver=1.15.1
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5f50b7e2dd83cfd38b606d2eb70bcb99dd4d4c462295db0baecaeabe7812e8f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94661
cf-polished
origSize=3219
x-envoy-upstream-service-time
1
cf-bgj
minify
last-modified
Wed, 09 Feb 2022 12:40:12 GMT
server
cloudflare
etag
W/"3755557747"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BvGk6zFCmu8BYDFkHdxE5LrHWmnRVo9TFO1nNH9hzKojz%2FFHeWxhuJAJHz66bGjDchjiSaO6qYsyUu839QmbcY37gaQTkLTwSHh7jCywJasG22wZ%2F6qRSY4m01JORbHBoECTYti902qRfg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317be929376913-FRA
expires
Tue, 05 Sep 2023 15:54:05 GMT
main-front.js
www.casho.la/wp-content/plugins/wp-automatic/js/ 		930 B
660 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/wp-automatic/js/main-front.js?ver=6.2.2
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
73e19401707d030422213eacea81ed13ef140752da1382a534e2e52385425e02

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
22403
cf-polished
origSize=1017
x-envoy-upstream-service-time
2
cf-bgj
minify
last-modified
Mon, 31 Jul 2023 11:40:17 GMT
server
cloudflare
etag
W/"3201258554"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2B0%2FGIhpfqTk3jUL78F%2B4DP7DyiC1eqWieBpooXenIitIxnAATw43wBAGzCmFhR2g2mKI%2F5b%2FGHzqS0A28xHD3s%2Fcxex%2BC4w2q2ZfFuWsUc94CJrYVdYzz66EbC5nZCAUsTbE7hRTF4UPtQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317be929396913-FRA
expires
Wed, 06 Sep 2023 11:58:23 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33B) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:47 GMT
Content-Encoding
gzip
Age
519
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (via/F33B)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
embed.js
www.instagram.com/
Redirect Chain
  • https://platform.instagram.com/en_US/embeds.js
  • https://www.instagram.com/embed.js
55 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.instagram.com/embed.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
2a03:2880:f276:e8:face:b00c:0:4420 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
0dc6bf76600e02e1d516f92dc100d66e56ca3b45a24cac0277bf35bd21edc090
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=15552000
content-encoding
br
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 18:11:47 GMT
content-md5
YWtovphQ2cOMxe7yL4UXFw==
document-policy
force-load-at-top
edge-control
cache-maxage=1200s
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
19523
reporting-endpoints
default="https://www.instagram.com/error/ig_web_error_reports/?device_level=unknown"
x-fb-debug
YCgUq1nICAfNPXLUZLhajx5MHKVGY9H4Q07yZ6eN6Ck0h9WBrrS9MHVusSrz6f3Z6G1OtDUnySSSUu65DT39cA==
x-fb-content-md5
d808a51b27760f0ea261153cd75c45ab
cross-origin-opener-policy
same-origin-allow-popups
etag
"94ee056455c52dc8b752dfc6e5c0eed8"
vary
Accept-Encoding
report-to
{"max_age":259200,"endpoints":[{"url":"https:\/\/www.instagram.com\/error\/ig_web_error_reports\/?device_level=unknown"}]}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(self), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(self), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
x-frame-options
DENY
timing-allow-origin
*
expires
Mon, 07 Aug 2023 18:31:47 GMT

Redirect headers

location
https://www.instagram.com/embed.js
date
Mon, 07 Aug 2023 18:11:47 GMT
server
proxygen-bolt
content-length
0
content-type
text/plain
embed_v1.0.11.js
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/
Redirect Chain
  • https://www.tiktok.com/embed.js
  • https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
46 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
23.48.23.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id
1427df3c
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
br
gzip-server
KFC
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
a2mC7RA9gA0jSaiCieTPqA==
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a23-48-22-144.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=6
content-length
14603
x-tos-request-id
e346a4b65506338163b65506-af4dbf3
x-tos-response-time
Thu, 05 Jan 2023 04:41:42 GMT
last-modified
Thu, 03 Nov 2022 00:46:48 GMT
server
nginx
x-tt-logid
20230106021717BB187F0E208875031434
etag
CPXr0NbkkPsCEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1022301
access-control-allow-credentials
false
x-tt-trace-host
01547d8c993fb94b68da2c12473f72d274285eb2ad2d0568369172edecd883ef3a7c18d54775c85f9e8146096e5418e695b1ea362992b91a4e3374205e2d9a2f53cfa9c16bc96c9a547b977dc1cdc2364c9bd137220575b2c780da6ee30f96c5a4bea8035ba124b44bd02db8b1080823f2984cfafebf44b484c278835293fc1848
timing-allow-origin
*
access-control-allow-headers
*

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:47 GMT
x-akamai-request-id
d028dd07
x-tt-trace-tag
id=16;cdn-cache=miss;type=dyn
server
nginx
x-tt-logid
20230807181146FA29219439D4E04AB3BD
x-cache
TCP_MISS from a23-206-213-12.deploy.akamaitechnologies.com (AkamaiGHost/11.2.1-50147064) (-)
content-type
text/html
location
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_v1.0.11.js
cache-control
max-age=0, no-cache, no-store
x-origin-response-time
356,23.206.213.12
x-tt-trace-host
01c92fd83e29c87aedf66fb8e5595922f154fe7363fadc5c656e52775b8cf64a0e285e0743eeebfa98c3c9d2f088568d0070cc36bdb1dde4ef465c4fb7446e4312
server-timing
cdn-cache; desc=MISS, edge; dur=2, origin; dur=356
content-length
138
expires
Mon, 07 Aug 2023 18:11:47 GMT
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
5c6068599000f006ed689152a0731dc10c53de350d5b0f6f4c98bf38db2560ca
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 18:11:47 GMT
content-md5
YH6eSTu3tuBg88Npl51jpw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
1686
x-fb-debug
XXr66YMwlgNcwwU3yEZAzGQbjbIlDRewfAaXKDVhqbPL6gQQAD5bD5thjQo+l7MaZPPRXdmzjbGvXT2lFu/iwA==
x-fb-content-md5
540f11d40b66e1169d03d03846b50e42
cross-origin-opener-policy
same-origin-allow-popups
etag
"60a9d1abd4c7525abcc1f99972d98c85"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
origin-agent-cluster
?0
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=1200,stale-while-revalidate=3600
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
expires
Mon, 07 Aug 2023 18:13:49 GMT
stracker.js
stats.systems/js/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://stats.systems/js/stracker.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7fc54a3ce1b17851cd92926279227eb43ccebced7cab0eb6f5283e147dda2987

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
885
cf-polished
origSize=28584
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Tue, 27 Nov 2018 20:57:53 GMT
server
cloudflare
etag
W/"6fa8-57babb3fed640"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ifqwAvehN3J%2FT1NN%2Fk5AihcJCafL9OF1YT1pT4LYen7AQkaUgswrjmKagCLQ0zsXOI2WmYh6eKWR8q%2FR%2Fj%2Bz7MSRCKjmPSxnUCMfAbVJGK7666SPJ5TUkEJBRLg8xVKm%2B1HW05kl59qt4ZuB"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=14400
cf-ray
7f317bea2a885c44-FRA
jload
pixel.adsafeprotected.com/ 		47 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pixel.adsafeprotected.com/jload?anId=931034&advId=dogpack&campId=cltg&pubId=
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.36.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-36-106.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
8215736236b9fc130ace57942a53a8ac264b0843781027e11c8f41fd6598065a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:46 GMT
content-encoding
gzip
vary
accept-encoding
content-type
application/javascript;charset=utf-8
access-control-allow-origin
pixel.adsafeprotected.com
cache-control
no-cache
access-control-allow-credentials
true
expires
Wed, 31 Dec 1969 23:59:59 GMT
custom-script.js
www.casho.la/trending/assets/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/trending/assets/custom-script.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
BYPASS
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6VP6EO1sym%2FOEPgMv045fDfrfZmmk%2FqUGjHPKB0mBnobveXyk8KjRAIJgKEhYGpH0tPgd9vifqhv29g8vLXRBbCYdFwa5X%2FWbXc%2F3xTaqfrr3KKXCh1INzi7LYn%2FlsNipg3WsxlmqxziCQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html
x-envoy-upstream-service-time
1
cf-ray
7f317be9293d6913-FRA
FooterLogo-Copy.jpg
www.casho.la/wp-content/uploads/2022/02/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casho.la/wp-content/uploads/2022/02/FooterLogo-Copy.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08f4db8c66660b33658c5971f784fdc6834f68ba966b7d19ed2be3902994c99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29196
x-envoy-upstream-service-time
2
content-length
6832
cf-bgj
h2pri
last-modified
Tue, 15 Feb 2022 09:05:39 GMT
server
cloudflare
etag
"3280015664"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7yg6NAB2YZVAtlqH%2BJNVeMvqXz4gyzr%2FnMFPMjLfHqNFme9oSqcOJ5XLU1XW2PGc%2F7pJOcfkF8kCC%2Bpj%2FzmFTYYTegiSwS%2BvlLuNHvYbTFUOctGO2eWdQsBabKg98z8rlnVdG1DA%2B0f2BA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7f317bec3dc56913-FRA
expires
Wed, 06 Sep 2023 10:05:11 GMT
HeaderLogo1.png
www.casho.la/wp-content/uploads/2022/02/
Redirect Chain
  • https://casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
  • https://www.casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09222eae69ca77461b6fe3567991dfa3d371fa4f1b061da3dc3828e7233231e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29195
x-envoy-upstream-service-time
2
content-length
3531
last-modified
Tue, 15 Feb 2022 08:12:07 GMT
server
cloudflare
etag
"3097648900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R0AVNKk%2BL3YUqtA5ekdEm9a3%2BmCxSP%2B4b0MIfoVfbDlMBN4XdqDbk66OvaSU8R1s5PD%2FGGVSzIisE15D2JX5S%2BnJoNBEBKbgdo550l8GkuJGRtiAUVSxSn0Jh0WnmUGMc%2BmXv2npBKQilQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7f317bed1edf6913-FRA
expires
Wed, 06 Sep 2023 10:05:12 GMT

Redirect headers

date
Mon, 07 Aug 2023 18:11:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Ut1IbJyna3hmzZTqm7M2UYOqypoDgCjdGHEd%2BG5l9mL1lS8Q8x76%2FSAcqwaRwtdKcnhBi0YX6A6R8gtz9mKb5tI8soDW5ZBX7Vnzewm1%2B2%2Bzf7wcYOoiTMkQqOqEAzt0wW42ChS"}],"group":"cf-nel","max_age":604800}
location
https://www.casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
cache-control
max-age=3600
cf-ray
7f317becde826913-FRA
expires
Mon, 07 Aug 2023 19:11:47 GMT
email-decode.min.js
www.casho.la/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Aug 2023 16:29:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64cd2768-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q30v1fCMTFMy0zMAEP5qalDiwJayk%2FxYhyVlFZP5AKT87XL3zXfX%2BvfTubT6UMDJ83KHa%2BYN2g7Zh6tcbAtA5NmnmaH3rxdxXXa%2Bo5iv2btE5TrgmRnZ6S%2Fc%2B0%2F%2B9SQdEq%2F87dvBpxFEZA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f317bec1d8f6913-FRA
expires
Wed, 09 Aug 2023 18:11:47 GMT
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.20.1/
Redirect Chain
  • https://embed.sendtonews.com/player3/embedcode.js?fk=nydEIVUv&cid=13327&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.20.1/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.20.1/embed.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
18.165.183.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-81.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51cfb7dabe58e1f219a0eb2605fbc7071e139fb208b219819f7f1689bee176c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:31 GMT
x-amz-version-id
La4dCdHp2RMT4CoDkY5udizmlBOzpiDS
content-encoding
br
last-modified
Tue, 01 Aug 2023 20:22:00 GMT
server
AmazonS3
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
etag
W/"4e67a478ff2ade6cdcfc00bbfa1daf7a"
age
17
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
sXfP8WDmemVQucmTd8Q-64X0EGnkr6pjKFISoMinKkNQwQd8HBLoyw==

Redirect headers

date
Mon, 07 Aug 2023 18:11:47 GMT
via
1.1 62e7b24ca032b612bb93fa7f3437469c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7
x-cache
FunctionGeneratedResponse from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.20.1/embed.js
alt-svc
h3=":443"; ma=86400
content-length
0
x-amz-cf-id
eluK9Iig9T9eMRJZIm943nBWkqOSLVQby2nv-ZQ20TSd0ctHhTfqcQ==
infolinks_main.js
resources.infolinks.com/js/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/infolinks_main.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dac82534970907d1ea30328588a22c9ec11eaa0e75295475c4033eb9dc9e305e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Aug 2023 14:49:49 GMT
server
cloudflare
age
12110
etag
W/"102c-602565bb37b43"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7f317becfe961ad4-FRA
expires
Mon, 07 Aug 2023 15:49:57 GMT
img.fetch
udmserve.net/udm/ 		24 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17661;tid=1;dt=6;
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
0e095301796ba62323ebe679af07188d4d889ad85040c1e4dc3613f8aab876ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:48 GMT
Content-Encoding
gzip
Transfer-Encoding
chunked
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Expires
0
gen.js
ads.themoneytizer.com/s/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=6
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt
AZySIYsEMR3/Z8cAAA
x-accel-expires
@1691985660
date
Mon, 07 Aug 2023 18:11:47 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e333d16489f68616
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
51047
x-accel-date
1691380860
requestform.js
ads.themoneytizer.com/s/ 		166 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b9fc4e459b5da109d683f1e6e9f37c218dfb7aa0748c08568299798a23220bfa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt
AZySIYuuTOXB
x-accel-expires
@1692036707
date
Mon, 07 Aug 2023 18:11:47 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e333d1642e829116
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
casho.la_outstream_floating.js
d2na2p72vtqyok.cloudfront.net/aniview-script/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/aniview-script/casho.la_outstream_floating.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
aeefce688e47bb594c3149ec88725bd4eb05e7e73932c586cda0bd817b2bad73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
m.8BxP8j5lPtRwyJ7X.bmQlBrThgGZea
Content-Encoding
br
Via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
Date
Mon, 07 Aug 2023 18:11:47 GMT
X-Amz-Cf-Pop
FRA60-P4
Age
22401
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 24 Aug 2022 16:37:30 GMT
Server
AmazonS3
ETag
W/"d548908b34a6ddb459428a9572835634"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
X-Amz-Cf-Id
6JrqQz0B2QpH7r7rwllq92EmrMoIAAwCo8pfVl3UOZUuwimkY3JdPA==
load-105507.js
amer.hhkld.com/tag/ 		277 B
644 B 		Script
General
Check archive.org
Download Go to
Full URL
https://amer.hhkld.com/tag/load-105507.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
70b40f508155672aab20ad25784fafc961512c615966adf222eeba2376cef0a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="/w3c/p3p.xml", CP="CUR ADM OUR NOR STA NID"
content-type
application/javascript
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
tag_fb4756ee-62d7-477c-b298-68bce67d05b2.js
sm1.selectmedia.asia/cdn/tags/ 		37 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sm1.selectmedia.asia/cdn/tags/tag_fb4756ee-62d7-477c-b298-68bce67d05b2.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
31da5e757bab8cb5b1cc78448018950d02f2ac5c4fd97bfc7ce67f31eeb8428c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
x-guploader-uploadid
ADPycdtfB_pDZqs80give1SrxGbimwdaYa58dfsC_-n5LiKsD4EhfdbjCDDMOvMqh1ISSPKq4DCBo7MBlmpDHA_RCambewwly8xW
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38144
last-modified
Tue, 01 Aug 2023 12:50:28 GMT
server
UploadServer
etag
"f0d9b89daf931a2246d822d05ead9901"
x-goog-generation
1690894227923199
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=PpTTCg==, md5=8Nm4na+TGiJG2CLQXq2ZAQ==
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
38144
accept-ranges
bytes
spt
tg1.vidcrunch.com/api/adserver/ 		27 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tg1.vidcrunch.com/api/adserver/spt?AV_TAGID=644b96f57dd612596d007c54&AV_PUBLISHERID=62d0073a5831594d4e154ea4
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:25::1726:622b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
/
Resource Hash
03e0c4412adbba31e11bf80f1677f178f072a8da0f63ac904638c88a5a51b287

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

X-Bamboo-C-SkSt
1
Content-Encoding
gzip
X-Bamboo-C-SkFe
1
X-Bamboo-C-S
BYPASS
Date
Mon, 07 Aug 2023 18:11:47 GMT
Access-Control-Max-Age
1728000
Access-Control-Allow-Methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
Content-Type
text/javascript
Vary
Accept-Encoding
Cache-Control
max-age=300
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
Content-Length
7097
Expires
Mon, 07 Aug 2023 18:16:47 GMT
gen.js
ads.themoneytizer.com/s/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=3
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt
AZySIYsKcEz/ZccAAA
x-accel-expires
@1691985662
date
Mon, 07 Aug 2023 18:11:47 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e333d164698d9516
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
51045
x-accel-date
1691380862
requestform.js
ads.themoneytizer.com/s/ 		165 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=3
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2c9b17615d0869e2a0e241f70a757e7160ab0df9bebef21bf4f1cbc15e83f9ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt
AZySIYsSBsvB
x-accel-expires
@1692036707
date
Mon, 07 Aug 2023 18:11:47 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e333d164e34f9e16
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
gen.js
ads.themoneytizer.com/s/ 		4 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/gen.js?type=19
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt
AZySIYvfAEf/ZMcAAA
x-accel-expires
@1691985663
date
Mon, 07 Aug 2023 18:11:47 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e333d164d259a116
vary
Accept-Encoding
x-cache
HIT
content-type
text/html; charset=UTF-8
x-77-cache
HIT
cache-control
max-age=604800
x-age
51044
x-accel-date
1691380863
requestform.js
ads.themoneytizer.com/s/ 		165 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=19
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
beba0048929d13bab1754442616d8386e9427233fd7c24c98b538230542f2639

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-nzt
AZySIYvd8Q7B
x-accel-expires
@1692036707
date
Mon, 07 Aug 2023 18:11:47 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e333d164ecc1a716
vary
Accept-Encoding
x-cache
MISS
content-type
text/html; charset=UTF-8
x-77-cache
MISS
cache-control
max-age=604800
FooterLogo-Copy.jpg
www.casho.la/wp-content/uploads/2022/02/
Redirect Chain
  • https://casho.la/wp-content/uploads/2022/02/FooterLogo-Copy.jpg
  • https://www.casho.la/wp-content/uploads/2022/02/FooterLogo-Copy.jpg
7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casho.la/wp-content/uploads/2022/02/FooterLogo-Copy.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d08f4db8c66660b33658c5971f784fdc6834f68ba966b7d19ed2be3902994c99

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29196
x-envoy-upstream-service-time
2
content-length
6832
cf-bgj
h2pri
last-modified
Tue, 15 Feb 2022 09:05:39 GMT
server
cloudflare
etag
"3280015664"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zpBJBtHm8H7fL5Cj05ezTr1eiplaYhFWODoPaHGUFzaKwTbO1nwl70xhVoExaNqKQI3x%2F%2BiaxBW0blYF5IF1BgchMEHGL%2FUpXqpzr9LI5tHhHfQ0bQm9VEnEq7V%2FgAgYLP7g5o8koUciTQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7f317beeba586913-FRA
expires
Wed, 06 Sep 2023 10:05:11 GMT

Redirect headers

date
Mon, 07 Aug 2023 18:11:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=viZPysuh%2FeL1JEwfIYB%2B%2F8jKCladrGqlDZ6tH0FCgNa6mFPIFj6ktH3NdRXqcHmo4DiHmqUcTIU%2FjNUgePrNIvFL04CNJyqfqJOEZn26hxrTo4K7yLHFHaoPF3NXxxask6ssJD6T"}],"group":"cf-nel","max_age":604800}
location
https://www.casho.la/wp-content/uploads/2022/02/FooterLogo-Copy.jpg
cache-control
max-age=3600
cf-ray
7f317bee499a6913-FRA
expires
Mon, 07 Aug 2023 19:11:47 GMT
core.min.js
www.casho.la/wp-includes/js/jquery/ui/ 		21 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-includes/js/jquery/ui/core.min.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 29 Mar 2023 20:27:13 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
22403
etag
W/"4194085632"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=r1nNqMOMPEcZVYmP0iePvscIgT8mjP3HuKEnjNCOgXITDSLSORiqEPbkr3N6TxHWJ%2BpQcuZERuyT81dNBn7j3OdjOgd3xjSb64X98Rlq%2BktCp34BiTnOEteG4jiSUU%2FYk%2FjFhyY87EuvRQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
cf-ray
7f317bec3db46913-FRA
expires
Wed, 06 Sep 2023 11:58:23 GMT
jquery.sticky-kit.min.js
www.casho.la/wp-content/plugins/zoxpress-plugin//scripts/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/zoxpress-plugin//scripts/jquery.sticky-kit.min.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Feb 2022 12:40:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94658
etag
W/"2481376695"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=obANZj1pFPvMyd%2BBLVc1BJn4hqIoCoYcVsUS3EJdHc6c9IL9taujV%2BuZ2R7Tof%2FVKo8o%2FYukRMWXowsE2fyzP4DLEj4ptPamd42n3VbYhCkxLwmzoDmXDD7zWBx6NjxU7eOoPPOFexltYA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
x-envoy-upstream-service-time
1
cf-ray
7f317bec3db66913-FRA
expires
Tue, 05 Sep 2023 15:54:09 GMT
jquery.waypoints.min.js
www.casho.la/wp-content/plugins/zoxpress-plugin//scripts/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/plugins/zoxpress-plugin//scripts/jquery.waypoints.min.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 09 Feb 2022 12:40:01 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94658
etag
W/"769981852"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=rcu22yzayYsynlCUxDnSQOunWsmugq%2BNecu3SRM5zvXT4SIPb93juAVkZk3VsugRW4C0c61V8Hrf7DT09UTaIDRmlT%2F6foaZKTPYUF0Z7m8JU52PTMDh8xhd%2F7DmpPojTBvyW3VSdKr2NA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
cf-ray
7f317bec3db76913-FRA
expires
Tue, 05 Sep 2023 15:54:09 GMT
zoxcustom.js
www.casho.la/wp-content/themes/zoxpress/js/ 		0
329 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/themes/zoxpress/js/zoxcustom.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94657
x-envoy-upstream-service-time
1
content-length
0
cf-bgj
minify
last-modified
Sat, 17 Dec 2022 04:30:44 GMT
server
cloudflare
etag
"1012369142"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4i6jY%2BXrZs1C1ID7YvjChZJcEwFBw6FyZLdkBi4pOvrm667%2BA5whVSmxcudRdluYlraX%2BUB4HRKl0rG%2FBj2yO60hN%2BgSTrYxEMZAOJ7Av5EBFw2Qk9XlK4UHY6fs2vzog%2F98r66ECLSPQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7f317bec3dbc6913-FRA
expires
Tue, 05 Sep 2023 15:54:10 GMT
intersection-observer.js
www.casho.la/wp-content/themes/zoxpress/js/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/themes/zoxpress/js/intersection-observer.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e71d11284fe33d09fe11d031d1517b0383750bc5dba2faf77e87f42a609a1b68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
94658
cf-polished
origSize=22304
x-envoy-upstream-service-time
2
cf-bgj
minify
last-modified
Sat, 17 Dec 2022 04:30:44 GMT
server
cloudflare
etag
W/"3479670125"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ueE6db3ZXo3raJBklyAf8Ra%2BhUmoj0PaxDYxIBYfOTcYCrS%2Fi7c7R3xVJqpompj8SXa3YzXE%2B2ZxBXY7Bf0t0Q1bb%2FQBxfX%2FGTfTQoP2mAmIzwnoFGxn1NMdcaNf1KGqcGprQ%2B5kk70W1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317bec3dbe6913-FRA
expires
Tue, 05 Sep 2023 15:54:08 GMT
lozad.min.js
www.casho.la/wp-content/themes/zoxpress/js/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/wp-content/themes/zoxpress/js/lozad.min.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 17 Dec 2022 04:30:44 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
94658
etag
W/"2089375178"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WaH%2FdTNvBRxgSvx%2F1H1WJnNsUIOysx57k%2Bl0Yp2yh%2F%2FEIkNDF0ofc5evfcycvDbQIirS2UhmyHXnJLuXaK2U%2BugnJKDCsMdU8T0qvZhUsPTyYD7kJuY6lBD2dEKxpCunxXVaGcyL09eugg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=2592000
x-envoy-upstream-service-time
2
cf-ray
7f317bec3dc16913-FRA
expires
Tue, 05 Sep 2023 15:54:09 GMT
px_new.php
stats.systems/spx/ 		42 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://stats.systems/spx/px_new.php?cname=&sub_id=&rprm=%7B%7D&rprId=pZ-Re6YJ&pid=0&tdata=%5B%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22https%3A%2F%2Fwww.google.com%2F%22%2C%22https%3A%2F%2Fwww.google.com%2F%22%5D&iframed=0&p_width=1600&p_height=1200&s_width=1600&s_height=1200&color_depth=24&pixel_depth=24&avail_width=1600&avail_height=1200&window_name=&screen_x=0&screen_y=0&screen_left=0&screen_top=0&app_code_name=Mozilla&app_name=Netscape&app_version=5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&cookie_enabled=true&platform=Win32&js_user_agent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36&window_referer=https%3A%2F%2Fwww.google.com%2F&window_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&flash_support=0&is_bot=0&securities=%7B%22s1%22%3Afalse%2C%22s2%22%3Afalse%2C%22s3%22%3Afalse%7D&cr=4370
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.36
Resource Hash
d16537f8743d8f95565136d9389f9b1d4410ac94eabc52fd1deca14ec02303aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.36
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ROE6dn1%2Bs6n8TYYP%2FJqB2uDTbqQD22Bb2145s7bPxWx4eg%2BomPDm9qsYSzoCiEiSqOpDn52nQXWw2%2FbhXbh3fhobIopPPyErAjK5Q01BSzuzToi4R2uqsomVXOlXNpqMS%2BGNWouSlxv3tSEP"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
p3p
CP=\"ALL ADM DEV PSAi COM OUR OTRo STP IND ONL\"
cache-control
must-revalidate
cf-ray
7f317bec4ebf5c44-FRA
alt-svc
h3=":443"; ma=86400
expires
Wed, 11 Nov 1998 11:11:11 GMT
main.19.8.434.js
static.adsafeprotected.com/ 		207 KB
65 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/main.19.8.434.js
Requested by
Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=931034&advId=dogpack&campId=cltg&pubId=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4edf37d240c72f41cf96d12cfff4407d66226a3afa1f8109824d03ebe54be9d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 21:07:18 GMT
x-amz-version-id
qAsuaBHKvPMGjxqFerKb066Em7kDT_J7
content-encoding
gzip
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
1199070
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Mon, 24 Jul 2023 19:17:38 GMT
server
AmazonS3
etag
W/"1f5f5321da98e6d89323d191f36c01c9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
m5GAgjTW04ShRLSvlU4xjHL3zTsczaugUqrGG50k2uSH2-lhi75mZg==
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPT+Serif%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 17:49:54 GMT
x-content-type-options
nosniff
age
260513
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 17:49:54 GMT
fa-brands-400.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 		68 KB
69 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-brands-400.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.2.2
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BCA8XA533WTCANQ7
age
902582
alt-svc
h3=":443"; ma=86400
content-length
69608
x-amz-id-2
NfbpodHJOw1Twf3hjTm7CdxL4WPfjPL20ObWCEq7iKXIUDqmk7TWcg5RiX/z2z32PABmcIjXV7c=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"659c4d58b00226541ef95c3a76e169c5"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TfWMd9YEeQXlhYYXAXy2fCrmBSl2l629yPmSiMHTOIKUoRO3C12n0Q%2BKkyvIhX3VRqUfr%2Fq8gw6PA6CHy0AZTbjDJjIYGIBfbqUlQ7cZVOdtL%2BvX93t58kf2mYXSGby8fBXk%2FSSvdurdiQ%2FgDfoMzRP6"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7f317becfdf71cbf-FRA
pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
fonts.gstatic.com/s/poppins/v20/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v20/pxiByp8kv8JHgFVrLCz7Z1xlFQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPT+Serif%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 00:08:32 GMT
x-content-type-options
nosniff
age
410595
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
7816
x-xss-protection
0
last-modified
Wed, 27 Apr 2022 16:11:40 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Aug 2024 00:08:32 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPT+Serif%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 11:08:17 GMT
x-content-type-options
nosniff
age
198210
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 11:08:17 GMT
fa-solid-900.woff2
use.fontawesome.com/releases/v5.5.0/webfonts/ 		72 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://use.fontawesome.com/releases/v5.5.0/webfonts/fa-solid-900.woff2
Requested by
Host: use.fontawesome.com
URL: https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.2.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:e0::ac40:660b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2

Request headers

Referer
https://use.fontawesome.com/releases/v5.5.0/css/all.css?ver=6.2.2
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id
BCA5YVCQE7ADWD31
age
902582
alt-svc
h3=":443"; ma=86400
content-length
73852
x-amz-id-2
4ZSCm1NS5lFBO8KD3e9pVYLdmY1BtOjC/Nv60WOIn5DmMooe5buBgOEOa8ag3A2t4rHVQvjntzY=
last-modified
Wed, 30 Jun 2021 15:43:51 GMT
server
cloudflare
etag
"fb493903265cad425ccdf8e04fc2de61"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
font/woff2
access-control-allow-origin
*
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o4NYt55ABgQsA%2BAXVd3Xr8pPYnNYZ%2BXgDoi6DSYQrm2rN3YJ5q%2Bt7gxzzXLMhPH59wTbaHFLeKcFhRmZ9IqzEJk9%2BkP%2BKwj9Rih68o5Bu8FO7a0YrTIhzhNedi%2FP3hHggnA1gTMpmeWi93HdsAR0OaAn"}],"group":"cf-nel","max_age":604800}
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
cache-control
max-age=31556926
accept-ranges
bytes
cf-ray
7f317becfdf91cbf-FRA
01g11pv63q9cseb6qk.js
injections.mmvideocdn.com/prod/configs/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://injections.mmvideocdn.com/prod/configs/01g11pv63q9cseb6qk.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
78a8d63885d1001f8259624ee42c4fb135476d23aa16f0b60c14fa53ac75e072

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 31 Jul 2023 20:21:02 GMT
x-amz-version-id
oYS3ihJmbxKDbaUrFoGPnWpe1LySBdif
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
597046
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Tue, 19 Apr 2022 20:04:58 GMT
server
CloudFront
etag
W/"dc1184e9285f626db00743a0a303c23f"
vary
Accept-Encoding, Origin
content-type
application/javascript
x-amz-meta-edge-cache-tag
injectionssrv|crate-network,injectionssrv|01g11pv63q9cseb6qk
cache-control
private, max-age=1800
x-amz-cf-id
Df8h-s08D2nLgZEWlHxwxZn1WvQI3Ao8uGzPXqkH79l9Ce8Q6gdhmg==
content-player.js
player.globalsun.io/v/2.0/ 		90 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.globalsun.io/v/2.0/content-player.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c9343c78995c64df2af5e83b1a4de5140d356a1220ee92086518016d56da64b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
16236
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 06 Aug 2023 05:05:05 GMT
server
cloudflare
etag
W/"64cf2a01-167ef"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wqRiqfQ86MpBcVUqV2uyMVHPVOAm46sR28h4Zx%2FQ5TuuJCVL6eEKeXJSw06yOj5khC%2F6MIwQe1IZOW5WE5Kn59nfUnqRL3R7CF9sXgXDG%2FraVny24y2pd2dMdVLO%2F%2B5JfgL8vD7F%2BnNDtp67bIdx2o70"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7f317bef5a543645-FRA
expires
Tue, 08 Aug 2023 13:41:11 GMT
sdk.js
connect.facebook.net/en_US/ 		307 KB
87 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=34011f825dd1beb55ce818eb48f0d8cc
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
97e46d746adde7197966879ff926ecb8ffc1bfe7fe3b4bb526605ed4ab6008f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 18:11:47 GMT
content-md5
o8nHr3uyjksXg0kaaG+MDA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
88675
x-fb-debug
B3xNrPNcw2z/VBizG+71pIbtewf3qcQrrJtdc933Oopy1nGnTFa8tVE/gS91MeorU0XVAlPdlWu3K5rEVFQ82Q==
x-fb-content-md5
f1dd19bf731d83c7dc458b462812e74a
cross-origin-opener-policy
same-origin-allow-popups
etag
"dd406e04370d10be2e5dcfef701c0f06"
vary
Accept-Encoding
x-frame-options
DENY
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
access-control-expose-headers
X-FB-Content-MD5
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
timing-allow-origin
*
priority
u=3,i
expires
Tue, 06 Aug 2024 15:46:47 GMT
embed.js
embedcdn.sendtonews.com/easy-stn-player/7.20.1/
Redirect Chain
  • https://d280h7aj1u7b0w.cloudfront.net/player3/embedcode.js?fk=nydEIVUv&cid=13327&offsetx=0&offsety=0&floatwidth=400&floatposition=bottom-right
  • https://embedcdn.sendtonews.com/easy-stn-player/7.20.1/embed.js
7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embedcdn.sendtonews.com/easy-stn-player/7.20.1/embed.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
18.165.183.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-81.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
51cfb7dabe58e1f219a0eb2605fbc7071e139fb208b219819f7f1689bee176c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:31 GMT
x-amz-version-id
La4dCdHp2RMT4CoDkY5udizmlBOzpiDS
content-encoding
br
last-modified
Tue, 01 Aug 2023 20:22:00 GMT
server
AmazonS3
via
1.1 478446fb4d72a1fd99b9a7a5157265f4.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
etag
W/"4e67a478ff2ade6cdcfc00bbfa1daf7a"
age
17
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
x229RX0P4RkAi-yA4n9i7vsfndEhIUT4Rozrs1jgVXsvLOaj7QesxQ==

Redirect headers

date
Mon, 07 Aug 2023 18:11:47 GMT
via
1.1 45144f4effc6db6c846de623ab8b639a.cloudfront.net (CloudFront), 1.1 ecb3ea567a6c6095a23354fbdc938128.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA56-P7, FRA56-P6
x-cache
Miss from cloudfront
location
https://embedcdn.sendtonews.com/easy-stn-player/7.20.1/embed.js
content-length
0
x-amz-cf-id
kCWKyW0cy6H2S1i_4D6xv3sjzVjac27RJa3jdUsEy71fjognFebYOg==
casho.json
cdn.unibotscdn.com/clientdata/ 		20 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/casho.json
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
b0b71280be0ee15dac6213a798a2dd1c688d3546cc2c673524e4b46b193ece08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
cdn-edgestorageid
1076
cdn-storageserver
DE-569
cdn-cachedat
04/17/2023 13:24:01
cdn-pullzone
873945
last-modified
Mon, 17 Apr 2023 11:00:59 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
564
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
9119f3491aaf4415a74b20f3b22e204e
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
easy-stn-player.js
embed.sendtonews.com/easy-stn-player/7.20.1/ 		666 KB
185 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0775574929b1d066d07ee7190421c4665a43d32e78252ad0cd56c69c33d393fe

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:10:59 GMT
x-amz-version-id
0BRidWrl.INaXQKviZ4Tq.Yxx_LmJ9SO
content-encoding
br
last-modified
Tue, 01 Aug 2023 20:22:02 GMT
server
AmazonS3
age
49
x-amz-cf-pop
FRA56-P7
etag
W/"77c698c2bc7cba8d9ade5f2e888b809e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
tLcR90W5hx4tMpfguMJQvVhxEbCNob_p0hM59MylZPi5JxRbiDIiMw==
ice.js
resources.infolinks.com/js/1878.017-3.027/ 		187 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1878.017-3.027/ice.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ed1622bbd271de0ddc168ff0bbbc61065f42b883a7776cc792c1f67d7e59ee98

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 08:52:53 GMT
server
cloudflare
age
10792
etag
W/"2ede5-601d8ac306278"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317bee79171ad4-FRA
expires
Wed, 06 Sep 2023 15:11:55 GMT
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93644&f=6&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
server
nginx
x-iplb-request-id
50FF0768:D79C_36264064:01BB_64D133E3_30AC74B:1F9F0
x-iplb-instance
24858
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
lib_fs_close.js
ads.themoneytizer.com/ 		667 B
797 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_fs_close.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
51047
x-accel-date
1691380860
x-77-nzt
AZySIYt9O/X/Z8cAAA
pragma
public
x-accel-expires
@1691467260
last-modified
Thu, 19 Jan 2023 15:05:03 GMT
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e333d16418d27023
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 08 Aug 2023 04:01:00 GMT
smart.js
ced.sascdn.com/tag/1097/ 		110 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced.sascdn.com/tag/1097/smart.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
184.86.251.88 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-86-251-88.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
c0df6138992189efffefdbe9173df743253fecb3f07ffeae59a5296597680667

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:47 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=7200
Connection
keep-alive
Content-Length
37188
Expires
Mon, 07 Aug 2023 20:11:47 GMT
sync
gum.criteo.com/ 		49 B
291 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=147&r=2&j=criteoCallback
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:46 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
277180
expires
60
mapper.js
spl.zeotap.com/ 		61 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
br
strict-transport-security
max-age=2592000; includeSubDomains; preload
age
13563
cf-polished
origSize=62056
cf-bgj
minify
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/javascript
access-control-allow-origin
https://www.jasbee.de
cache-control
public, max-age=21600
access-control-allow-credentials
true
cf-ray
7f317bf05e1837ca-FRA
access-control-allow-headers
*
expires
Mon, 07 Aug 2023 20:25:44 GMT
libJsLP.js
tag.leadplace.fr/ 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/libJsLP.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:47 GMT
Last-Modified
Mon, 18 Oct 2021 12:21:41 GMT
Server
nginx/1.20.1
X-IPLB-Request-ID
50FF0768:AD16_91EFC133:01BB_64D133E3_257BE07C:DE7A
ETag
"616d66d5-15ab"
X-IPLB-Instance
29922
Content-Type
application/javascript
Accept-Ranges
bytes
Content-Length
5547
/
onetag-sys.com/usync/ Frame D684 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=2a897e3f18e6769&cb=1691431907562
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
tag.js
a.teads.tv/analytics/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/analytics/tag.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
Y6qsPmt0o95KDo3Ibo2euzqSnxQebNV8
date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
last-modified
Wed, 02 Nov 2022 09:38:15 GMT
x-amz-request-id
CQW5W0RWVHRYA975
etag
"6ddfb3a828a563a7719081ff9aeedaba"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
private, max-age=3600
accept-ranges
bytes
content-length
3391
x-amz-id-2
0qsN3QFgfxOs+/q/R1cZGnol5JfqF/+08lMxOyVv8dOCsHY/szYkQWnzWWPQgJcmMnyVtCsa8Ug=
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 14 Aug 2023 18:11:47 GMT
px.js
p.cpx.to/p/12762/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://p.cpx.to/p/12762/px.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.148.0 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-148-0.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
f9feb0d6627eee56ce4fea329b9318cb672972595debe6452991cbad5e0c6bd9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
cache-control
max-age=2419200, public
content-type
application/javascript; charset=UTF-8
notifyme.js
d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/ 		25 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.7.64 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-7-64.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Sun, 06 Aug 2023 23:04:42 GMT
Via
1.1 1c5b98f7bd5001d6fe1040daa237afc6.cloudfront.net (CloudFront)
Last-Modified
Mon, 18 Feb 2019 16:54:28 GMT
Server
Apache
X-Amz-Cf-Pop
FRA56-C1
Age
68826
X-Cache
Hit from cloudfront
Content-Type
text/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25704
X-Amz-Cf-Id
Mfs2pLI5ZEnuP-_fUB8Gp_KgHU2KueZAQ-h2M36yJI2pERebWz9nQg==
prebid.js
ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/ 		547 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
314239c0951006468f0c6db2d927690ce7f623ce86544796a5aeea93e36c7456

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
51032
x-accel-date
1691380875
x-77-nzt
AZySIYuj8UL/WMcAAA
pragma
public
x-accel-expires
@1691467275
last-modified
Wed, 02 Aug 2023 20:22:36 GMT
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e333d164418c7923
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 08 Aug 2023 04:01:15 GMT
widgets.js
platform.twitter.com/ 		91 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33B) /
Resource Hash
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:47 GMT
Content-Encoding
gzip
Age
519
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
27630
Last-Modified
Tue, 24 Jan 2023 21:41:51 GMT
Server
ECS (via/F33B)
Etag
"9e99725b7a4cd730a934afba2a438bb5+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=1800
HeaderLogo1.png
www.casho.la/wp-content/uploads/2022/02/
Redirect Chain
  • https://casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
  • https://www.casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09222eae69ca77461b6fe3567991dfa3d371fa4f1b061da3dc3828e7233231e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
29196
x-envoy-upstream-service-time
2
content-length
3531
last-modified
Tue, 15 Feb 2022 08:12:07 GMT
server
cloudflare
etag
"3097648900"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7J2HHBBb%2FfzE0eKFpHm8xorAvwnbEkqx5nLBFWXcnwd%2FXMpifNxjGI9%2B28k%2Fx2brwstoza49wIS5yzs2FaDlAW08s7rv6rHNhimoPGIrK5PD5w6uAQfMHP1LgT%2FGzcyrHcQXzQl5kKg1nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
7f317bf1bf1e6913-FRA
expires
Wed, 06 Sep 2023 10:05:12 GMT

Redirect headers

date
Mon, 07 Aug 2023 18:11:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KKPxqW7ziV2uuupY%2FfXsaLM3W0dS5dVcaJYMiQKz6UlwboRQAlle3xkTo8PqdmIx8u%2BHmg39a9sDf0WcDXO3tst2JV1MGHP7uXfI1VidevFmU5%2BPi41kNUXr6LdOGv3eAKbD92m5"}],"group":"cf-nel","max_age":604800}
location
https://www.casho.la/wp-content/uploads/2022/02/HeaderLogo1.png
cache-control
max-age=3600
cf-ray
7f317bf0cdb16913-FRA
expires
Mon, 07 Aug 2023 19:11:47 GMT
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93644&f=3&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
server
nginx
x-iplb-request-id
50FF0768:D79E_36264064:01BB_64D133E3_30AF5DC:15809
x-iplb-instance
38438
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93644&f=19&fi=99
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
server
nginx
x-iplb-request-id
50FF0768:D7A0_36264064:01BB_64D133E3_30B34A1:1580E
x-iplb-instance
38438
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
email-decode.min.js
www.casho.la/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Fri, 04 Aug 2023 16:29:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"64cd2768-4d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zD4imF%2FMwQAfn68JIYGiyJmFiPlhuq0JfRdZaQLPTI6cNRJY8BTc5GcL09MAyLAxv%2BmxKpTr9r2kCeAjVnA2INH2QiYn8YBDHq3ynSrhltxyYCfpFg7jA5F2zXlan5%2ByQ1yddBJYeF9lA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
x-frame-options
DENY
cache-control
max-age=172800, public
cf-ray
7f317beeaa3a6913-FRA
expires
Wed, 09 Aug 2023 18:11:47 GMT
EJRVQgYoZZY2vCFuvAFWzr8.woff2
fonts.gstatic.com/s/ptserif/v18/ 		32 KB
32 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRVQgYoZZY2vCFuvAFWzr8.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPT+Serif%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 17:49:55 GMT
x-content-type-options
nosniff
age
260512
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
33116
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:52:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 17:49:55 GMT
EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
fonts.gstatic.com/s/ptserif/v18/ 		29 KB
29 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/ptserif/v18/EJRSQgYoZZY2vCFuvAnt66qSVys.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPT+Serif%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 07:36:26 GMT
x-content-type-options
nosniff
age
297321
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
29588
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:28:35 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:36:26 GMT
content.html
hb.vntsm.io/ 		32 B
658 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
cf-cache-status
MISS
x-amz-request-id
SRFTQTSX4W4FC44C
content-length
32
x-amz-id-2
zmBqAXSxErmZWfYkioAc34k70X1R5JF55h4cxFUb0W2uPzcat1ZKypOk5LCS4FPRhAgFeAgnuRE=
geo
DE
geo-subdivision
DE-BW
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f317befea4e18de-FRA
635ba897fb8ea73a414646e5.enc
hb.vntsm.com/v2/live/ 		46 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.com/v2/live/635ba897fb8ea73a414646e5.enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1080:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1080 /
Resource Hash
a8253a66789bd51567008403a07f3d0942b4201562e35b26f80db45ed151789c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cdn-edgestorageid
1082
x-amz-server-side-encryption
AES256
cdn-cachedat
08/07/2023 18:05:26
cdn-pullzone
131999
last-modified
Wed, 26 Jul 2023 15:09:59 GMT
server
BunnyCDN-DE1-1080
cdn-proxyver
1.04
cdn-requestpullcode
200
etag
W/"b83057d2d4bb44ddd70f659d48a717a1"
vary
Accept-Encoding
access-control-allow-methods
GET, OPTIONS
content-type
text/plain
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
5d6cd18c-1b61-4922-947b-91a6b9ea7b00
access-control-expose-headers
x-geo-subdivision,X-Geo,cdn-requestcountrycode,Content-Type,x-bl
access-control-allow-credentials
true
x-bl
0
cache-control
public, max-age=86400
cdn-requestid
b5c731bde2b94d029246e9dcf5eb4415
cdn-requestcountrycode
DE
access-control-allow-headers
cdn-requestcountrycode,Content-Type,x-bl,ref_url
cdn-status
200
cdn-requestpullsuccess
True
player.js
player.aniview.com/script/6.1/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/player.js
Requested by
Host: d2na2p72vtqyok.cloudfront.net
URL: https://d2na2p72vtqyok.cloudfront.net/aniview-script/casho.la_outstream_floating.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:2be::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
1973a520ed99fb012d8ced4fae38ee23741dc04609c4510124423bd19dcdb5fe

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduPJqxuJVoNCSiQdZqfeEIe6xhUgJ170YYL2-uDIRnX4koKpVhKgpMBypyJjCvdHo2vRw8M_KI4b0Vr_inDaYgNhlEJjc1J
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
13568
last-modified
Mon, 07 Aug 2023 11:55:06 GMT
server
UploadServer
etag
"09015ff3c438d75300b9e3dd7cc7e427"
vary
Accept-Encoding
x-goog-generation
1691409306700072
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=s64LAg==, md5=CQFf88Q411MAuePdfMfkJw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
13568
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:21:48 GMT
track
track1.aniview.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?pid=5d8ccec528a0617cae5a0755&cid=62ea3ab579d12c3cc207d375&cb=1691431907690&r=www.casho.la&stagid=62ebd7e33bf98a75fe291dc5&stplid=62ebcf9f165d3b6961339c66&d35=&d65=&e=playerLoaded
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.3.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-3-149.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
manage
router.infolinks.com/usync/ Frame B827 		0
43 B 		Document
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/manage?pid=3236112&wsid=19&pdom=www.casho.la&purl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cf-cache-status
DYNAMIC
cf-ray
7f317befcb711ad4-FRA
content-length
0
date
Mon, 07 Aug 2023 18:11:47 GMT
server
cloudflare
via
1.1 google
lcmanage
router.infolinks.com/usync/ 		0
56 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/usync/lcmanage?pid=3236112&wsid=19&pdom=www.casho.la&purl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
cf-ray
7f317bf11dfa1ad4-FRA
content-length
0
gsd
router.infolinks.com/ 		322 B
517 B 		Script
General
Check archive.org
Download Go to
Full URL
https://router.infolinks.com/gsd?evt=afterGSD&pid=3236112&wsid=19&pdom=www.casho.la&purl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&jsv=1878.017-3.027&ref=www.google.com%2F&_cb=16914319077770
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7917aedea86f51751bd5d058e9c5aa882f66ed0415dc8217d200745676084312

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/javascript;charset=UTF-8
p3p
CP="NON DSP NID OUR COR"
cache-control
max-age=0
cf-ray
7f317bf12e121ad4-FRA
expires
Thu, 01 Jan 1970 00:00:00 GMT
casho.js
cdn.unibotscdn.com/clientdata/js/ 		578 B
863 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/js/casho.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
d838f4312751ca2d2a7cce59c1c375b307da59a4949418c99e7b8c57ffde4944

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-165
cdn-cachedat
07/03/2023 21:39:41
cdn-pullzone
873945
last-modified
Tue, 17 Jan 2023 05:24:52 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
530
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63c63124-242"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
6bf709063b9da8be01fb5c20931e6621
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
videojs.ads.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		975 B
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ads.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cdn-edgestorageid
874
cdn-storageserver
DE-168
cdn-cachedat
07/29/2023 18:49:21
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
569
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-3cf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
5113337acd514fc2d772647f9fc88e13
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/videojs.ima.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cdn-edgestorageid
1055
cdn-storageserver
DE-51
cdn-cachedat
07/21/2023 22:54:47
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:13 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
576
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf61d-eda"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
648b9fd6656e28178db8b2d1e73dca52
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video-js.min.css
cdn.unibotscdn.com/ubplayer/dist/css/ 		39 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/css/video-js.min.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cdn-edgestorageid
755
cdn-storageserver
DE-167
cdn-cachedat
07/06/2023 22:31:42
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:08 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
296
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf618-9cdf"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
9243ea5eb832611b51208c7ba8bc1c38
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
casho.css
cdn.unibotscdn.com/clientdata/css/ 		1 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/clientdata/css/casho.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
781392903d67dc79b05bbf56489162cd24a0118d2478415495621448b4602a20

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cdn-edgestorageid
1049
cdn-storageserver
DE-167
cdn-cachedat
07/03/2023 21:39:36
cdn-pullzone
873945
last-modified
Fri, 06 Jan 2023 04:49:34 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
532
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"63b7a85e-567"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
336fb51c9060849549e0a56566d57d28
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ub-player.css
cdn.unibotscdn.com/ubplayer/css/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
c4e0a0eb29bdcdc9ab2f842638e501ba15e642e2cea04b20bf8dae8dc8beb606

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cdn-edgestorageid
1054
cdn-storageserver
DE-164
cdn-cachedat
08/05/2023 17:29:51
cdn-pullzone
873945
last-modified
Thu, 03 Aug 2023 07:39:08 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
647
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"64cb599c-1115"
vary
Accept-Encoding, Accept-Encoding
content-type
text/css
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=3600
cdn-requestid
4af37b01bf2b22b0090b7f9457d88ef2
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		345 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Mon, 07 Aug 2023 18:11:48 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.casho.la%2F&domain=www.casho.la&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 07 Aug 2023 18:11:47 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
224098
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.casho.la%2F&domain=www.casho.la&cw=1&lsw=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:47 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
161752
expires
0
prebid
id5-sync.com/api/config/ 		134 B
540 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/api/config/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
localstore.js
script.4dex.io/ 		483 B
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:48 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Thu, 03 Aug 2023 15:25:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
354970
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=iTP0pDK1a8EGLOUE%2FweibekDCDP%2BQKl5CteCWPOjFaCjaMh1Ju0SlyBVjzX%2FtP4K8j%2FLfFCuP7ES%2F4hiaQWeTNwcVQZIPnC8JjgNafG4DH6SSTkbrZ%2BV2QK2WJ5bPuV%2Fx2ICPwZ1Hh0oXGMd"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f317bf219513663-FRA
content.html
hb.vntsm.io/ 		32 B
300 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hb.vntsm.io/content.html
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2483 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
cf-cache-status
HIT
x-amz-request-id
SRFTQTSX4W4FC44C
age
0
content-length
32
x-amz-id-2
zmBqAXSxErmZWfYkioAc34k70X1R5JF55h4cxFUb0W2uPzcat1ZKypOk5LCS4FPRhAgFeAgnuRE=
geo
DE
geo-subdivision
DE-BW
last-modified
Thu, 14 Oct 2021 10:47:47 GMT
server
cloudflare
etag
"2f58b9ff601fd509249a9e7628a21c33"
vary
Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods
GET
content-type
text/html
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
max-age=14400
accept-ranges
bytes
cf-ray
7f317bf06b3018de-FRA
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		144 KB
50 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?test_adblock=true
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
47000d25caecf0d921badd9109d9211e5dde6dc3178f03066f69337ef72f6420
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
50773
x-xss-protection
0
server
cafe
etag
15722091690061414842
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 18:11:48 GMT
load-105507.js
amer.hhkld.com/tag/ 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://amer.hhkld.com/tag/load-105507.js?page_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105507.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
3ca36038086d2ffbe06769f5d64679d6b3d967fba30a892bfde1ae50934591a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html
platform.twitter.com/widgets/ Frame 01EE 		320 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.casho.la
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33D) /
Resource Hash
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
412969
Cache-Control
public, max-age=315360000
Content-Encoding
gzip
Content-Length
105435
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Aug 2023 18:11:47 GMT
Etag
"95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified
Tue, 24 Jan 2023 21:41:13 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (via/F33D)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary
Accept-Encoding
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
invisible.js
www.casho.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/ Frame C1FD
Redirect Chain
  • https://www.casho.la/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.casho.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
7 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d5a74ca2ad9e08079bdd60547726d3ff2bd019f44b1ce18e7a3d769f7919ca7
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HudyuuSWc8uW4%2BDBvawNZrDDQ9N7Uq3CewnkGkUBStPCs23mKLQnotfNfe7kLMDSyPXC4sfzMHoMNJA43qsOgKajLXwRs2yi56YmP%2FLHy6G%2F8Xr8abTcGS6OQk1dMXbN3N7AyAhy3TEh4w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7f317bf1af1c6913-FRA

Redirect headers

date
Mon, 07 Aug 2023 18:11:47 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4u51mEvR%2BS3OBCmkfTGc5q1KrYIaXcz%2B5W42y0vq%2FWsKMPlIe6DwG%2BOuW%2FOreaSUygCP7IfuUTK3GvOXsP9hgoCwfH9BarNUdH9By5Ljrck%2FXzw2KB%2BLXGD10UBHSe5sASF9evEUfm92kQ%3D%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/74ac0d47/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7f317bf08d6a6913-FRA
s
kvt.sddan.com/api/v1/public/p/29567/d/50/ 		0
0
style.css
player.globalsun.io/css/ 		235 B
503 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.globalsun.io/css/style.css
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d263fda337af552f00a2ee95fdfd8fc5553e1062864bfa3ab987396741fd5adc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
43543
cf-polished
origSize=345
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Mon, 03 Oct 2022 11:00:10 GMT
server
cloudflare
etag
W/"633ac0ba-159"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZW41FJZvsYW7c%2BU5ZbO0fAD%2FC6CYuzAuSsBDrDudJlg%2F1OSXktRPR6j1eKv8mvbTzBirsxWeo60iCHUripqtgTMM31zjftzNHRrWue9WxBdHDZfQoot%2FNObErrz9iMM2LXk2GVhUgz6yqPw2d21tNjrb"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7f317bf0bccd3645-FRA
expires
Tue, 08 Aug 2023 06:06:04 GMT
video-js.min.css
player.globalsun.io/player/video.js-new/dist/ 		40 KB
10 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.globalsun.io/player/video.js-new/dist/video-js.min.css
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9b728eb13794287875457d5c53a7492142ff0955745251d80d08068e19a3dad

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 15:06:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
39962
etag
W/"634d6f6e-a0e9"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=81FDBx5QnQ9PpYBfewm8JXZO5onRvI9So%2Ba5FQhRawGevCtEt5Gx8NKd1tzW%2BVuU6q16GUlhGdiNopVPXka%2FjuSInbheRxirMLU7qHhOq1ulPscyGPedi7qxF7SbZXFEhagvqFKFy1r9m5SzyYbfH%2F84"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7f317bf0bcd13645-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 07:05:45 GMT
videojs.ads.css
player.globalsun.io/player/videojs-contrib-ads/dist/ 		795 B
608 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.globalsun.io/player/videojs-contrib-ads/dist/videojs.ads.css
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
87d6f740bada7720e8f5dd063e95878118767a1bb1bf4f4214156f579c935e73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
39846
cf-polished
origSize=916
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 05 Sep 2021 09:22:37 GMT
server
cloudflare
etag
W/"61348c5d-394"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2BthxEwsBKg13H8PSllwNzs6RyAgIX4tx%2Fgi4gwCM%2Fl2o7CaPb1U84ctaV5CVUNu2CtVp%2FIjalLMPICC9eCi51nLD%2Bf4tXEHablUmpeQNd%2BNjncDfn9QkDZBWlOAVZID8JFBIw24PS8umR5R3KTcGjWr%2B"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7f317bf0bcd33645-FRA
expires
Tue, 08 Aug 2023 07:07:41 GMT
videojs.ima.css
player.globalsun.io/player/videojs-ima-new/dist/ 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://player.globalsun.io/player/videojs-ima-new/dist/videojs.ima.css
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d78ee65d6be02a5a9c1f62ecd60f280215063624d80dac06328ddfc985a4b61c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
46345
cf-polished
origSize=4484
alt-svc
h3=":443"; ma=86400
cf-bgj
minify
last-modified
Sun, 05 Mar 2023 04:55:17 GMT
server
cloudflare
etag
W/"640420b5-1184"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORLxcBMCLGfgOa1xbu1mbzF7%2Bd%2FeGZzxmWGqN1KnHNP5wCtF3664GB%2BdIf90zqEOjAdjNGxHNXQwBPe3gZOatsOq2APRKXfAZhBp0egBwMJur%2FM46BZc6Zcr00dWWZPMmMloP8EG8u%2FFnM6xmfqf7GZu"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
max-age=86400
cf-ray
7f317bf0bcd63645-FRA
expires
Tue, 08 Aug 2023 05:19:22 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 17:49:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1323
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 07 Aug 2023 19:49:45 GMT
content
api-player.globalsun.io/api/publishers/player/ 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-player.globalsun.io/api/publishers/player/content?category_id=cca780d9c99a8c88b3cd91&href=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&uid=&v=1691431907934&item_id=3359ee452e07e723efe794&adserver_id=4a00b1ac96bc7941112e43
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.37.165 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.37.165.vultrusercontent.com
Software
/ Globalsun
Resource Hash
b0717fe6eb98016a76d31aa9a1f3557889e9de39d5f365ddddce167946771137
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-real-ip
80.255.7.104
x-powered-by
Globalsun
etag
W/"827-KjZAgwjSJDjklcZznARKaeKeHkk"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
public, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, *
content-length
2087
187621-164323601241456.js
js-sec.indexww.com/ht/p/ 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.10.47 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Aug 2023 17:50:35 GMT
server
cloudflare
age
1137
etag
W/"904739-9a4f-60258e22caf45"
vary
Accept-Encoding
content-type
text/javascript
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
edge-control
cache-maxage=1h
cache-control
public, max-age=14400
cf-ray
7f317bf2a8a790ec-FRA
expires
Mon, 07 Aug 2023 22:11:48 GMT
css
fonts.googleapis.com/ 		3 KB
761 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Open+Sans:600
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01c9f493b0db5fdbf24f23861ac685955865fcb60ee346c6f0274cfda17ed276
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 16:13:41 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Aug 2023 18:11:48 GMT
icon
fonts.googleapis.com/ 		569 B
439 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/icon?family=Material+Icons
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 18:11:48 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Aug 2023 18:11:48 GMT
OverlayScrollbars.min.css
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/ 		20 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/css/OverlayScrollbars.min.css
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
29372559
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
4023
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-4e34"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2GGkS%2FLgcwSSrvljYmnH0npb4M1wrAOF9FLkWaXCnplhzD66YQFTICLvFShrhH8bVAhSeFgJ%2FZGdIQW3nwGORJCpOiKnUPwP676t%2FB%2F9bVhQVe3wERDbnOvRVLB13tjs9exVV%2BoX62n0OBk3dy7HqNB6"}],"group":"cf-nel","max_age":604800}
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f317bf1cdec1cc5-FRA
expires
Sat, 27 Jul 2024 18:11:48 GMT
OverlayScrollbars.min.js
cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/ Frame A57D 		53 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/overlayscrollbars/1.13.1/js/OverlayScrollbars.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
17883981
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
20502
last-modified
Wed, 16 Dec 2020 13:04:39 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5fda05e7-d208"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a2yk4s39TdhKl%2F9S3xy%2FcNRLyNnsnqReF2yxN03DX9m9zoISNcG7qBYd8uz4w7ZZc4251M3cIoiAgezSj9v7akAcdAA%2FX9aPY%2FrWcfR4UgGplsXZx54b0EUm%2BOd%2BdPXOESjUIxlbv5Jx7iQ5QvJwoDA9"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7f317bf1fe351cc5-FRA
expires
Sat, 27 Jul 2024 18:11:48 GMT
prebid.js
embed.sendtonews.com/library/prebid/8.5.0/ Frame A57D 		356 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0e53c57c02bc1893290ace288f875fb7f24ecd07008077da5e9751f51040907e

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
uMY2CXxBwlQN5uztKTa9X5zGVYToi.n.
content-encoding
gzip
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 00:19:36 GMT
last-modified
Tue, 25 Jul 2023 22:19:16 GMT
server
AmazonS3
age
64340
x-amz-cf-pop
FRA56-P7
etag
W/"1d52ceae543e767ce76cb49d8c52ac94"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
QW6EC2j5ygBJUIdrovQ6qGOclTH5lhozstcHDD-hDDZlikUirGHLLA==
comScore.gt.min.js
embed.sendtonews.com/library/streamsense/6.3.4.190424/ Frame A57D 		335 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/library/streamsense/6.3.4.190424/comScore.gt.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-31.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
..7XtSbDM3xjP8tWp7l1eb4E8v7z8_OL
content-encoding
gzip
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 02:42:01 GMT
last-modified
Thu, 13 Apr 2023 16:36:13 GMT
server
AmazonS3
age
55801
x-amz-cf-pop
FRA56-P7
etag
W/"4a51b8991a6b67323936c2eb62e3518e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
access-control-allow-origin
*
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
xinEhC91mD9G6JvPhZQz8KFw-vd2pXlDekB33-qite7pdqE8vUYFmw==
reddit.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/reddit.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 14:39:09 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
26712
etag
"cb93bb50e5d021cc38de445a672c18a2"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
1094
x-amz-cf-id
hwL3sNCTVSYVIEbVrxB3DV-y90GrMzqRptm-UoDkfSKHLG6hGMXA5Q==
facebook.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		322 B
655 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/facebook.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 14:39:09 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
26712
etag
"311cf2edc46e82f2a6911332b7db54e1"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
322
x-amz-cf-id
ig7aKUb2dSu3elh54jbdwTl0yAg8FcgVblDnHO-xG-aYNS9Jd_PhSA==
twitter.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		832 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/twitter.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 10:46:38 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
26711
etag
"8be584e844dabfe22970a0cb943c047e"
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
832
x-amz-cf-id
VGA-tWrcHC5qLYolEwN0nCgjliwf94PeBB8TT_SEwYu4C1vf6gP63w==
email.png
d29xw9s9x32j3w.cloudfront.net/images/social/ 		773 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/images/social/email.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 14:39:09 GMT
via
1.1 1f0db25765b79d244ad1fa2184395c12.cloudfront.net (CloudFront)
last-modified
Fri, 24 Apr 2020 20:07:21 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-P2
age
12761
etag
"4bd445ddc3f9d6101690e15cfc1a04f0"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
image/png
accept-ranges
bytes
content-length
773
x-amz-cf-id
Mf7s1833_kmV0-yeGo-cbaUjzWHQzWU2HMZxHKcBKvzoJ0tLnHkRNA==
apstag.js
c.amazon-adsystem.com/aax2/ Frame A57D 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:12:09 GMT
content-encoding
gzip
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
3580
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
55d2ZTaD7M5k1Of-0DjobO8C8g5ZdK89w_qwfGhsTDIoHO0dR6JTxw==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
187 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Zw4GL6aFpv7EIrJ3&instance=862936&version=7.20.1&age=230807&cmd=PRE_INIT&key=nydEIVUv&seq=1&order=1&vIndex=0&absoluteTime=2827.7&relativeTime=0.1&canonical=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&EXTREF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&REF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-9-3.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
data_read.php
embed.sendtonews.com/player4/ 		34 KB
6 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://embed.sendtonews.com/player4/data_read.php?cmd=loadInitial&session=Zw4GL6aFpv7EIrJ3&instance=862936&version=7.20.1&age=230807&ESG_key=nydEIVUv&type=FULL&EXTREF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&REF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&ogSet=1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
108.138.17.31 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-17-31.fra56.r.cloudfront.net
Software
Apache /
Resource Hash
c0bc52196345f2fe6d0feb738cfcf29377c2ed4e4b2d1816f8b26ccae182e6a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
via
1.1 9672a97668a5842cedcfaee3e743019e.cloudfront.net (CloudFront)
server
Apache
x-amz-cf-pop
FRA56-P7
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=1
alt-svc
h3=":443"; ma=86400
content-length
5904
x-amz-cf-id
pT8oX5k7tCko5Gg62NOAGK8nvv73wHdWzATu_KoTuci9_qgGdPmWXQ==
expires
Mon, 07 Aug 2023 18:11:49 GMT
63ece8e3ec8441ca06055982
feed.avplayer.com/backend/api/playlist/ 		4 KB
868 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://feed.avplayer.com/backend/api/playlist/63ece8e3ec8441ca06055982?AV_TAGID=644b96f57dd612596d007c54&pid=62d0073a5831594d4e154ea4&cid=62fbbbcc73cc6f17ea0b4625&AV_TEMPID=6464d20d35dbda87cc0d79ae&AV_PUBLISHERID=62d0073a5831594d4e154ea4
Requested by
Host: tg1.vidcrunch.com
URL: https://tg1.vidcrunch.com/api/adserver/spt?AV_TAGID=644b96f57dd612596d007c54&AV_PUBLISHERID=62d0073a5831594d4e154ea4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9e110b15e82a88e1678e7bb797c9c5375f9392750ce3389ce582f16d9b8d045c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
vary
origin
x-hw
1691431908.dop224.fr8.t,1691431908.cds127.fr8.hn,1691431908.cds292.fr8.c
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
max-age=1800
access-control-allow-credentials
true
accept-ranges
bytes
avcplayer.js
player.avplayer.com/script/8.3/v/ 		807 KB
209 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/avcplayer.js
Requested by
Host: tg1.vidcrunch.com
URL: https://tg1.vidcrunch.com/api/adserver/spt?AV_TAGID=644b96f57dd612596d007c54&AV_PUBLISHERID=62d0073a5831594d4e154ea4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
849beb2097ede1f511a30befde645af95d760bb881afcb8b1762d1137909ef5f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 14:59:09 GMT
etag
"1690988349"
x-hw
1691431908.dop244.fr8.t,1691431908.cds140.fr8.hn,1691431908.cds108.fr8.c
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
213328
track
servt.vidcrunch.com/ 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.vidcrunch.com/track?pid=62d0073a5831594d4e154ea4&cid=62fbbbcc73cc6f17ea0b4625&cb=1691431908041&r=www.casho.la&stagid=644b96f57dd612596d007c54&stplid=6464d20d35dbda87cc0d79ae&d35=&d65=Active&d66=8&d74=&e=playerLoaded&cpid=63ece8e3ec8441ca06055982&str=autostart
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.59.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-59-157.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
01g11pgjq79xmbnx9c.js
vms-players.minutemediaservices.com/ 		438 KB
438 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Requested by
Host: injections.mmvideocdn.com
URL: https://injections.mmvideocdn.com/prod/configs/01g11pv63q9cseb6qk.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:e600:2:4149:df00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
8955fa903d0ec652d81c567518c2bbe8ed0ab124ff2583b64bf7b3ef7e64ef05

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 07:50:25 GMT
x-amz-version-id
Wsa3wO2pm5SySaYilnRBIev0TkHLLdAI
via
1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
1938084
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
content-length
448032
last-modified
Sun, 04 Jun 2023 09:25:50 GMT
server
CloudFront
etag
"9762d960a7735671905018f7b83d422b"
vary
Origin
content-type
text/javascript
cache-control
private, max-age=1800
accept-ranges
bytes
x-amz-cf-id
__lUoU5ubWetmFCXi6XosfQYmVA61vvJBU1XaZEJmTv0VVz1zUiq6g==
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.64 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216658.ip-141-95-98.eu
Software
/
Resource Hash
4b2e4c76593f35546a43058aaea6edf1ad7ecd5bda38584d2cad1d94769737a9
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
sca.17.6.2.js
static.adsafeprotected.com/ Frame 9AB1 		91 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.adsafeprotected.com/sca.17.6.2.js
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:1600:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 11 Jan 2023 08:50:00 GMT
x-amz-version-id
go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding
gzip
via
1.1 df9ce120cad525bdb160f75cd7b807c2.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
18004909
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
last-modified
Tue, 20 Sep 2022 19:21:34 GMT
server
AmazonS3
etag
W/"1f3488247c90bb5de253d3d0cb3b7458"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
x-amz-cf-id
Ppm8sJ4fRAzwnSl6DXa6NWma6wb4z2MMg9w4HHXU-K-pprPWHj4GsA==
mon
pixel.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.adsafeprotected.com/mon?anId=931034&advId=dogpack&campId=cltg&pubId=&adsafe_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&adsafe_type=abdq&adsafe_url=https%3A%2F%2Fwww.casho.la%2F&adsafe_type=f&adsafe_jsinfo=,id:aa5a4f7f-6067-a2f1-9538-2ab430a49491,c:kD7rBa,sl:outOfView,em:false,fr:true,thd:1,mn:jsserver-primary-7bdf49c444-kjnvj,rg:ie,pt:1-5-15,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1600.0.0.0,piv:0,obst:0,th:0,reas:r,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:885,mot:0,app:0,maw:0,fm:tMgXUlV+1*.931034%7C11%7C12%7C13%7C14%7C15,idMap:1*,pl:CV8L.VEBo.0YtC,rmeas:0,rend:0,renddet:na,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:909,oid:df4096bf-354d-11ee-9e06-0e7d194de5e4,v:19.8.434,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.36.106 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-36-106.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
server
nginx
x-server-name
app03.ie.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
102.json
id5-sync.com/g/v2/ 		276 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/102.json
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
9d6e79a8f9eaa7706c0d6cfa3fdb029ff1be11bd8222b4aec7721209a0479a3f
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:47 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
settings
syndication.twitter.com/ Frame 01EE 		869 B
659 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2Fwww.casho.la
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time
102
date
Mon, 07 Aug 2023 18:11:47 GMT
content-encoding
gzip
strict-transport-security
max-age=631138519
last-modified
Mon, 07 Aug 2023 18:11:48 GMT
server
tsa_o
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
caf72c518479edb6
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
226d8c6b7717ffbe05c895b649b299ae8b375f3c597c203f1a5836eed0233001
content-length
337
id.json
loader.unblockia.com/c/casho.la/ 		11 B
480 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://loader.unblockia.com/c/casho.la/id.json
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:8a00:12:abfb:9280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f783e917c4f17d3f46e9115218ecc006d9d6f3b75cb600e1cbf91a48d064477f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
O.mh0uKWjIrfURq6yT.Rk_euM_0v4jxa
date
Mon, 07 Aug 2023 18:05:25 GMT
via
1.1 c7311454ce938e04f3523616a5b033da.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
384
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
11
last-modified
Fri, 30 Jun 2023 10:33:00 GMT
server
AmazonS3
etag
"fd04b45da645d41ab124e958ce76ff76"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
*
accept-ranges
bytes
x-amz-cf-id
xBqsxrBD8mCD0EPnhFUkjA6IrYKjk-LOdKUJFJ24SwzMb1s-yV100w==
ffk27manqd
www.clarity.ms/tag/ 		649 B
1013 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/tag/ffk27manqd
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e5a8c0ad90ca244d69de42ef3747ea05f1cb0139f22ee1a1d05b7979375c8821

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
-1
date
Mon, 07 Aug 2023 18:11:49 GMT
x-azure-ref
20230807T181148Z-wcvk1uqqdd1hme2ffeykdrrwr40000000a0000000000gyk4
x-cache
CONFIG_NOCACHE
content-type
application/x-javascript
cache-control
no-cache, no-store
accept-ranges
bytes
content-length
649
request-context
appId=cid-v1:e55edbbe-e22b-46b4-8313-9ee2a4e71d12
/
spl.zeotap.com/ 		429 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?env=mWeb&eventType=pageview&zdid=1258
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/mapper.js?env=mWeb&eventType=pageview&zdid=1258
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5c55aa57e1032044717711446000bfff5a325011af34776e6cc2cc93ce372e2d
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
text/html
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
cf-ray
7f317bf2792e37ca-FRA
access-control-allow-headers
*
index-ffe075f6.js
hhkld.com/static/next/alfa_master/assets/ 		189 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Requested by
Host: amer.hhkld.com
URL: https://amer.hhkld.com/tag/load-105507.js?page_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
5051c8cbddad43f130aef4f120cc12f79c9b836769022c2f04561f863d4e9d53

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
last-modified
Fri, 04 Aug 2023 17:20:09 GMT
server
nginx
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/javascript
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
cache-control
max-age=315360000, public, no-transform
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
expires
Thu, 31 Dec 2037 23:55:55 GMT
wckr.php
tag.leadplace.fr/ Frame CB19 		0
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://tag.leadplace.fr/wckr.php?ref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&id=MTIZ
Requested by
Host: tag.leadplace.fr
URL: https://tag.leadplace.fr/libJsLP.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
145.239.193.51 Valence, France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx/1.20.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:48 GMT
Server
nginx/1.20.1
Transfer-Encoding
chunked
X-IPLB-Instance
29922
X-IPLB-Request-ID
50FF0768:AD16_91EFC133:01BB_64D133E3_257BE086:DE7A
rules-p-6Fv0cGNfc_bw8.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-6Fv0cGNfc_bw8.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:08:07 GMT
content-encoding
gzip
via
1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
222
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 22:35:53 GMT
server
AmazonS3
etag
W/"1f431dc94c1f033d6666f0fe637e2d7b"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
Q3nKwDgtbHl9cTw5iREN8UINfNoTHxNM92LTybU2iSkslFrAUxrGDQ==
fpc
at.teads.tv/ 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://at.teads.tv/fpc?analytics_tag_id=PUB_26130&tfpvi=&gdpr_status=22&gdpr_reason=220&gdpr_consent=&ccpa_consent=&shared_ids=&sv=8480ba3&
Requested by
Host: a.teads.tv
URL: https://a.teads.tv/analytics/tag.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.75.89.75 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-75-89-75.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:48 GMT
Content-Type
text/plain; charset=UTF-8
Access-Control-Allow-Origin
https://www.casho.la
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Expires
Mon, 07 Aug 2023 18:11:48 GMT
getuidj
ib.adnxs.com/ 		11 B
570 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/getuidj
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12762/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
an-x-request-uuid
57bc24a0-a83e-4bcb-a814-17009148951b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
11
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
rid
match.adsrvr.org/track/ 		63 B
388 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=0fkciot&fmt=json
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12762/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
97c4a434ceaadb0d5cea60c93c793dc46887dd6cd58f8e54ef080ffd5388d8af

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 06 Sep 2023 18:11:48 GMT
cdb
bidder.criteo.com/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=95518225568&lsavail=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:47 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
c
prebid.a-mo.net/a/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:47 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
66
server
envoy
vary
origin, Accept-Encoding
prebid-request
onetag-sys.com/ 		15 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.casho.la
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
ROS
pbjs.e-planning.net/hb/1/2a156/1/www.casho.la/
Redirect Chain
  • https://pbjs.e-planning.net/pbjs/1/2a156/1/www.casho.la/ROS?rnd=0.39241293187579673&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B267...
  • https://pbjs.e-planning.net/hb/1/2a156/1/www.casho.la/ROS?ct=1&r=pbjs&rnd=0.39241293187579673&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300...
620 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/hb/1/2a156/1/www.casho.la/ROS?ct=1&r=pbjs&rnd=0.39241293187579673&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pbv=8.6.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F&e_pubcid=0c974440-dd3e-46f6-b53f-0fbf20d340ea
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
f41c2a654a3da935c6567bade275424096fb54552f2e0f9ea7e0ce9bbf239db8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 07 Aug 2023 18:11:49 GMT
date
Mon, 07 Aug 2023 18:11:49 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
620
x-sid
AMS-929

Redirect headers

date
Mon, 07 Aug 2023 18:11:48 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/hb/1/2a156/1/www.casho.la/ROS?ct=1&r=pbjs&rnd=0.39241293187579673&e=26328%3A300x250%2C728x90%2C970x90%2C1x1%2C1000x90%2C1000x30%2C990x90%2C950x90%2B26323%3A300x250%2C300x600%2B26711%3A300x250%2C300x168%2B26300%3A300x250%2C300x168%2B26322%3A728x90%2C320x50%2C300x50%2C320x100%2C300x100%2B26706%3A160x600&ur=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pbv=8.6.0&ncb=1&vs=FFFFFF&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F&e_pubcid=0c974440-dd3e-46f6-b53f-0fbf20d340ea
access-control-allow-origin
https://www.casho.la
content-type
text/html; charset=iso-8859-1
access-control-allow-credentials
true
x-sid
AMS-929
/
b1h.zemanta.com/api/bidder/prebid/bid/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Access-Control-Allow-Credentials
true
bid-request
a.teads.tv/hb/ 		16 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 07 Aug 2023 18:11:48 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		1 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39550&zone_id=1124636%3B1078234%3B1078234%3B1078234%3B1078318%3B1078234&size_id=15%3B15%3B2%3B9%3B15%3B15&alt_size_ids=2%2C55%2C58%2C221%3B10%3B19%2C43%2C44%2C117%3B%3B%3B&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,88435,1,,,&eid_pubcid.org=0c974440-dd3e-46f6-b53f-0fbf20d340ea%5E1&rf=https%3A%2F%2Fwww.casho.la&kw=93644&tg_i.domain=casho.la&tg_i.page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.name=casho.la&tg_i.siteid=93644&tg_i.pbadslot=%2F93644%2Fcasho.la%2Fdesktop%2F26328%3B%2F93644%2Fcasho.la%2Fdesktop%2F26323%3B%2F93644%2Fcasho.la%2Fdesktop%2F26322%3B%2F93644%2Fcasho.la%2Fdesktop%2F26706%3B%2F93644%2Fcasho.la%2Fdesktop%2F26711%3B%2F93644%2Fcasho.la%2Fdesktop%2F26300&tk_flint=pbjs_lite_v8.6.0&l_pb_bid_id=473c20a6be9f4d1%3B48e980e6b5ac316%3B49fa65b05f8b357%3B5042c1e2a2497b%3B51beddfa0cf3e96%3B5267767336d42b7&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F93644%2Fcasho.la%2Fdesktop%2F26328%3B%2F93644%2Fcasho.la%2Fdesktop%2F26323%3B%2F93644%2Fcasho.la%2Fdesktop%2F26322%3B%2F93644%2Fcasho.la%2Fdesktop%2F26706%3B%2F93644%2Fcasho.la%2Fdesktop%2F26711%3B%2F93644%2Fcasho.la%2Fdesktop%2F26300&slots=6&rand=0.5020270929472972
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
41f27ae2609d4549c2d6f24e957b88addceb46ae5353175f040c73a97dc89cac

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:48 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
bid-request
a.teads.tv/hb/ 		16 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 07 Aug 2023 18:11:48 GMT
prebid
mp.4dex.io/ 		60 B
712 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 07 Aug 2023 18:11:48 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Validating the Prebid Request adunits. Unable to parse native image.sizes, Validating the Prebid Request adunits. Unable to parse native image.sizes, Process Floors. 5 inventory rules not found for mediatype: banner and adUnitCode: 26328, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26711, Process Floors. 1 inventory rules not found for mediatype: banner and adUnitCode: 26300, Process Seats Booster. unable to get the seat booster engine for organization: 1015
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f317bf3aea33801-FRA
expires
0
adreq
ads.servenobid.com/ 		646 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=6413
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ecbc1b07cb2761e6e400e66268e4c7413c14b15d9c7220d1f930fa80e317b50d

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.6.0&cb=25585583818&lsavail=1
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:47 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
moneybid.js
ads.themoneytizer.com/bidder1/ 		339 B
553 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93644&adid=6&formatid=26328&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIYsxAo6h
x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf878727b98487cfe433d16478b3a217
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ 		628 B
734 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93644&adid=3&formatid=26323&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
134585e07c76bc75c0b03610f5ab17a2b791ccca69fed16fa0b5bc1bd6bfb578

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIYvvnCih
x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf878727b98487cfe433d1648db0b317
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ 		624 B
733 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93644&adid=1&formatid=26322&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b75cef599bcb84b7e74ce59033d1a2d95b4be75d2de4703d6ce07ffb9545af2f

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIYsqfYSh
x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf878727b98487cfe433d1645df8b017
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ 		633 B
741 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93644&adid=20&formatid=26706&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b38584ae83afc07bded454747b84a094c4d21f9ff0c0805a6cb63796c474043e

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIYthjlWh
x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf878727b98487cfe433d1645764ae17
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ 		627 B
735 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93644&adid=19&formatid=26711&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0177f9b2f92aca742f803048121c07525f10b4e4c34bbef3828dcefad69064b1

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIYvkRqGh
x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf878727b98487cfe433d1647e95aa17
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
x-77-cache
MISS
cache-control
max-age=604800
moneybid.js
ads.themoneytizer.com/bidder1/ 		626 B
732 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93644&adid=2&formatid=26300&size=desktop
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
2c3a2395f5bd4bc2ccd45e6c78cdcda016d80c84f378ef4bfafc73f27aa06017

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIYt19oyh
x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf878727b98487cfe433d1646d02a717
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
x-77-cache
MISS
cache-control
max-age=604800
/
ghb.adtelligent.com/v2/auction/ 		11 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.adtelligent.com/v2/auction/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.23.112 Kyiv, Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
cc86365-06.cc.colocall.com
Software
Adtelligent /
Resource Hash
cd69bfe475606c6cee080a5ae3049c565203cbe14741dd26f717d9bb2406db27

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Aug 2023 18:11:48 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.casho.la
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
1173
prebid
ib.adnxs.com/ut/v3/ 		730 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
134491a9bf8a5da500d3cfa94fe4b86ab1795347d9f4784d398cb97c74a85043
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
an-x-request-uuid
f660fa70-2f2b-4ea4-92ac-d0602b4b93a7
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
bid.missena.io/ 		0
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bid.missena.io/?t=PA-84657472
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.64.52.102 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-64-52-102.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:11:48 GMT
Access-Control-Allow-Credentials
true
Connection
keep-alive
Vary
Origin
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&PageUrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&PageReferrer=https%3A%2F%2Fwww.google.com%2F
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
99e1042859466985160679043588634faecade6cec6a93a1b047d54fa45c57de
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
7
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
1076
expires
0
pb
ad.360yield.com/1602/ 		0
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1602/pb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.114.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:48 GMT
access-control-allow-credentials
true
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
/
prebid.smilewanted.com/ 		0
0
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bHj7xyza8r7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8a8ec92d46ba0d0f5c59dc47bb3b1068908d39b0ef62210a5d6e785878c06e25

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=d5jv24zaar7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8a8ec92d46ba0d0f5c59dc47bb3b1068908d39b0ef62210a5d6e785878c06e25

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=byadUMza8r7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8a8ec92d46ba0d0f5c59dc47bb3b1068908d39b0ef62210a5d6e785878c06e25

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=aiQovMzaer7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8a8ec92d46ba0d0f5c59dc47bb3b1068908d39b0ef62210a5d6e785878c06e25

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
150 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=btze1Sza8r7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8a8ec92d46ba0d0f5c59dc47bb3b1068908d39b0ef62210a5d6e785878c06e25

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
hb
ssc.33across.com/api/v1/ 		67 B
159 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=bpjP6uza8r7ikjrkHcnnVW
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
8a8ec92d46ba0d0f5c59dc47bb3b1068908d39b0ef62210a5d6e785878c06e25

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931034&asId=aa5a4f7f-6067-a2f1-9538-2ab430a49491&tv=%7Bc:kD7rE7,pingTime:-2,time:1092,type:a,im:%7Bsf:0,pom:1,prf:%7BbdA:1504,bdZ:1813,beA:2014,beZ:2015,mfA:2899,cmA:2900,inA:2900,inZ:2905,prA:2905,prZ:2909,si:2923,poA:2924,poZ:2937,cmZ:2937,mfZ:2937,loA:2992,loZ:2993,ltA:3105,ltZ:3105,mdA:2016,mdZ:2585%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:0,vs:o,r:r,w:1,h:1,t:909%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:1092,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:909,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1600.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B204~0%5D,as:%5B204~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:0,fm:tMgXUlV+1*.931034%7C11%7C12%7C13%7C14%7C15,idMap:1*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:0,renddet:na,siq:910,slid:%5B%5D,sinceFw:181,readyFired:true%7D&br=c
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1be6:f1b0:79a9:85e7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:48 GMT
server
nginx
x-server-name
dt15.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
track-selectmedia.com/trackv4/ 		0
418 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?&d5=casho.la&d3=ab0ce547-61a7-4bf0-ad2d-83f74bfa3917&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d23=tag_fb4756ee-62d7-477c-b298-68bce67d05b2&d24=369b143f-4399-436e-af95-ed955e53c2da&d2=1691431908&e=0&cb=1691431908316
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:48 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
style.css
serv-selectmedia.com/cdn/player/ 		1 KB
869 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/style.css
Requested by
Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_fb4756ee-62d7-477c-b298-68bce67d05b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 12:50:20 GMT
content-encoding
gzip
age
19288
x-guploader-uploadid
ADPycduZGERZDLVF342W_xn9pwxGSwnR3rHFK6ckuaeGxPAEm7u0dyADlFTzI-J9T5MdlB_frPQCatscGDTWUFowy4mVbZ6dZizb
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
571
last-modified
Mon, 15 Aug 2022 09:39:19 GMT
server
UploadServer
etag
"3a8d6c993f0a7e34ae07f8e86c31e632"
vary
Accept-Encoding
x-goog-generation
1660556359399621
x-goog-hash
crc32c=GiK3YQ==, md5=Oo1smT8KfjSuB/jobDHmMg==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
571
accept-ranges
bytes
content-type
text/css
selectmedia-player.umd.js
serv-selectmedia.com/cdn/player/ 		138 KB
42 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Requested by
Host: sm1.selectmedia.asia
URL: https://sm1.selectmedia.asia/cdn/tags/tag_fb4756ee-62d7-477c-b298-68bce67d05b2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
7c816491815dbe74d63aa6be14b69e15629bba27b1cfb35bbcb26fc59c37a36b

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 13:11:24 GMT
content-encoding
gzip
age
18024
x-guploader-uploadid
ADPycdtC8bIsOyPQO4hjgKw5pLmJ7LCnFzFxzXtkbKBCPWMCBELhscV0dTBs_qy3zfC9HqnrUCZANr4icHs6jCHVW6XNNNO63soz
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42123
last-modified
Sun, 06 Aug 2023 13:09:01 GMT
server
UploadServer
etag
"60e4497fc26b75630069ba9f942cc664"
vary
Accept-Encoding
x-goog-generation
1691327341623419
x-goog-hash
crc32c=EZ8ZkQ==, md5=YORJf8JrdWMAabqflCzGZA==
access-control-allow-origin
*
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
42123
accept-ranges
bytes
content-type
application/javascript
12.json
id5-sync.com/g/v2/ 		276 B
683 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/12.json
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
ce2dfc72b1d68b132484a53a877f2eed5a91a78385810c2fdf82829fc54ce292
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:48 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
content-type
application/json;charset=UTF-8
ats.js
ats.rlcdn.com/ 		236 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.29 , United States, ASN (),
Reverse DNS
server-13-224-103-29.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
gzip
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 12:10:10 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
21699
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
oZX9kwNgy8qiteiqXSqjRVgt07Fheva7nRE5DxcLtQMjcYGxZYp0xg==
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/3.0.0/ 		84 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Requested by
Host: d2zur9cc2gf1tx.cloudfront.net
URL: https://d2zur9cc2gf1tx.cloudfront.net/a96081b6-db78-48c4-9f82-b93e316fb1f7/notifyme.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 03 Aug 2023 21:10:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
334875
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
30186
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="hosted-libraries-pushers"
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 02 Aug 2024 21:10:33 GMT
7f317be5fc476913
www.casho.la/cdn-cgi/challenge-platform/h/g/cv/result/ Frame C1FD 		0
539 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.casho.la/cdn-cgi/challenge-platform/h/g/cv/result/7f317be5fc476913
Requested by
Host: www.casho.la
URL: https://www.casho.la/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:d43 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
cf-ray
7f317bf71f4f6913-FRA
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AmJdAkGYyOP0Y7VfioTkHsSTsaL9sNxqKKk6Gj9%2FDTY1P4irESF58G0TAbbI779OUXvq4zGD6EKEoRyAh6P6YacKfwkVtrmBNRDEbgagocHUaGIxNkBge%2BWAQRCE38dtW%2BND06aYIKz8dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 3597 		718 KB
231 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524502
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ 		44 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 07 Aug 2023 18:11:49 GMT
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B33F 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
video.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		524 KB
156 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/video.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
cdn-edgestorageid
860
cdn-storageserver
DE-570
cdn-cachedat
07/06/2023 22:30:42
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:19 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
340
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf623-830a3"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
65461b7c0cf77eaf55571766acc5faaa
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
embed_lib_v1.0.11.css
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.css
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id
1427e8f8
date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
gzip-server
KFC
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
zJ2Nyh55L+w+3gi0qlc5pw==
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a23-48-22-144.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=1, inner; dur=6
content-length
1200
x-tos-request-id
c80d2b7781c5d7563b7781c-af5401d
x-tos-response-time
Fri, 06 Jan 2023 01:23:40 GMT
last-modified
Thu, 03 Nov 2022 00:46:48 GMT
server
nginx
x-tt-logid
20230107061032FCAFA6E2D2EF8DF08B9E
etag
CP6J0dbkkPsCEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=1492701
access-control-allow-credentials
false
x-tt-trace-host
01594559d62bd879d677ada348aa64fc43c24b220477d22236e1c4a58f8f84d70a5d31cd967b9c88ada99120b212aca227f3c1281cfd94501acbf6942f8b01fd171d6c78841c1adea7a2cb4a6ddf788ab88b8bfcad8d2a75395769b8311f383c12cc8a5c39a127789d2406983f5186e5cd6b416d5fe11d2a5c41ec314855bdb067
timing-allow-origin
*
access-control-allow-headers
*
embed_lib_v1.0.11.js
lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://lf16-tiktok-web.ttwstatic.com/obj/tiktok-web/tiktok/falcon/embed/embed_lib_v1.0.11.js
Requested by
Host: www.tiktok.com
URL: https://www.tiktok.com/embed.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.48.23.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a23-48-23-144.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-akamai-request-id
1427e905
date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
gzip-server
KFC
x-tt-trace-tag
id=16;cdn-cache=hit;type=static
content-md5
6f9KK8Y3c/2Yh2WZTLuA2Q==
x-check-cacheable
YES
x-cache
TCP_MEM_HIT from a23-48-22-144.deploy.akamaitechnologies.com (AkamaiGHost/11.2.0-49822201) (-)
x-bdcdn-cache-status
TCP_HIT
cross-origin-resource-policy
cross-origin
server-timing
cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
content-length
5147
x-tos-request-id
5015e4c03a65172563c03a65-af54412
x-tos-response-time
Thu, 12 Jan 2023 16:50:45 GMT
last-modified
Thu, 03 Nov 2022 00:46:48 GMT
server
nginx
x-tt-logid
2023011313295432AB13B660278BF688A8
etag
CNX5z9bkkPsCEAE=
access-control-max-age
86400
access-control-allow-methods
GET,POST
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=1798930
access-control-allow-credentials
false
x-tt-trace-host
016bbbde7ba25c584111056193f8c6017b3d2308526089f6e155025cf27f53c6229a7a1bcf8983572cd5a06f828ab0641bf253be0ac38b79c39fc3b27164b874fc3c3d34fc789eafbe8eb893c83f3774c46a138bd3629f3b6806dc2c8e4e00a13c4cf4528ad095eb966ec05618f59f0522f404b1e0de88ee311ba3b530232b7d9d
timing-allow-origin
*
access-control-allow-headers
*
fire.js
s.cpx.to/ 		52 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://s.cpx.to/fire.js?pid=12762&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&hn_ver=57&fid=3bb29eab-7bce-4df0-ab0f-ea12b2a0b28b
Requested by
Host: p.cpx.to
URL: https://p.cpx.to/p/12762/px.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.200.218.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-218-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
44186b3e1d7fc7e4c38cccb003bc13e1757665660406b166a6b64771df8874ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:49 GMT
access-control-allow-credentials
true
expires
Mon, 07 Aug 2023 18:11:49 GMT
content-length
52
vary
Origin
p3p
CP="NOI DEV ADM"
mw
mwzeom.zeotap.com/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=187cce2a-21ea-44c1-5c0e-915242d734b7&...
  • https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm=&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=187cce2a-21ea-44c1-5c0e-915242d734b7...
  • https://mwzeom.zeotap.com/mw?google_gid=CAESECixDK1IVymBOsUu9rbkfbc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=187cce2a-21ea-44c1-5c0...
95 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?google_gid=CAESECixDK1IVymBOsUu9rbkfbc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=187cce2a-21ea-44c1-5c0e-915242d734b7&zdid=1258
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
cf-ray
7f317c037b8f37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://mwzeom.zeotap.com/mw?google_gid=CAESECixDK1IVymBOsUu9rbkfbc&google_cver=1&zpartnerid=1&env=mWeb&eventType=pageview&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=187cce2a-21ea-44c1-5c0e-915242d734b7&zdid=1258
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
446
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
AVmanager.js
player.aniview.com/script/6.1/ Frame F2E6 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/player.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:2be::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu7ClBSN95X8tOhxFLVY58PG2p03KSTrwJXPA-tmoKV1UUjqjoZmsUE_65vFlq0LsDw4LJM7rEY2n4tvYZnM6tIuz6Npb4M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130379
last-modified
Mon, 07 Aug 2023 11:55:06 GMT
server
UploadServer
etag
"25aee45ea3338112064b801c98043832"
vary
Accept-Encoding
x-goog-generation
1691409306508079
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130379
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:21:49 GMT
adagio.js
script.4dex.io/ 		74 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8ef6e6dfd4d82f26303e757b5895d9c9aac7424484bc74cf386055d1bb3e940f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:49 GMT
Content-Encoding
br
CF-Cache-Status
HIT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Age
285149
Transfer-Encoding
chunked
Connection
keep-alive
Last-Modified
Thu, 03 Aug 2023 15:25:21 GMT
Server
cloudflare
ETag
W/"d28a1b0d6dc3203c62f341488d62736b"
Vary
Origin, Accept-Encoding
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=zlZTtIs2fHGJ9grOOD85JgVQgh05cuInHcVhLooTnmC%2Bp3GbTxzuT55KDT3hHrQpQmBtA7qi3LSEpfVqgtPAOxdHcfNsoZR9xRWHtwCeykeadR2TKKZkgP%2BqhEXQAhpfXBNdq2X%2Bk6oKFzHw"}],"group":"cf-nel","max_age":604800}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Access-Control-Expose-Headers
Cache-Control
public, max-age=1800
CF-RAY
7f317bf96bca1d8c-FRA
doq.htm
rt3029.infolinks.com/action/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://rt3029.infolinks.com/action/doq.htm?pcode=utf-8&r=16914319090131
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.41.9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
44f58eeac0397dffe348919631f5da7e80e4065a61ca42dae6aa9963f254698c

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
vary
Origin
content-type
text/html;charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="NON DSP NID OUR COR"
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-language
de-DE
cf-ray
7f317bf99b7d90d6-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
collect
www.google-analytics.com/j/ 		15 B
219 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=330834980&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Cashola&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cn=www.casho.la&cs=ContentPlayer&_u=YEBAAEABAAAAACAAI~&jid=131656168&gjid=106129956&cid=1849936587.1691431909&tid=UA-214964304-1&_gid=1878985784.1691431909&_r=1&_slc=1&z=1448990951
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
595a2e2873a8eb7c3c90ef5d9f6563c00f62dbdbdddcfd428b0ae474ce7244c1
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:49 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15
expires
Fri, 01 Jan 1990 00:00:00 GMT
udm-r3_v2.21.3.js
bid.underdog.media/ 		567 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/udm-r3_v2.21.3.js
Requested by
Host: udmserve.net
URL: https://udmserve.net/udm/img.fetch?sid=17661;tid=1;dt=6;
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:1c00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ba8271a41653f1a216e92eb5d7d5ae1d91008d9b22eeaf6c2dd0310758d095e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 24 Jul 2023 17:21:00 GMT
content-encoding
gzip
via
1.1 fa2f998214db1c6c6bdb96ceff3ce5d8.cloudfront.net (CloudFront)
last-modified
Mon, 24 Jul 2023 17:09:23 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
1212650
etag
"335b4c8675484909ac6be38b8ca38b74"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=2592000
accept-ranges
bytes
content-length
181442
x-amz-cf-id
eGx33nEY4uxnm3ng73GP_s4BEQTbOkS_rkaB0ARHQs_4YA4rLsjXZg==
rules-p-Pz67dCqdsHfxh.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Pz67dCqdsHfxh.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:58:04 GMT
via
1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
826
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 23:00:33 GMT
server
AmazonS3
etag
"eee1bd1fc55b604b66cd9e63c4f811b8"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
HThNl9LJwkE1uZM8vaBacwkVKoRmX_SzlilqNgA1df-yKMSTXKdyxw==
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bapnid%3D%24UID%3Bcb%3D0.8262727
  • https://udmserve.net/udm/fetch.pix?dt=1;apnid=5730477144318325021;cb=0.8262727
43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;apnid=5730477144318325021;cb=0.8262727
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:49 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:49 GMT
an-x-request-uuid
6649f7dc-bb7e-486f-b964-57601c3d0097
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://udmserve.net/udm/fetch.pix?dt=1;apnid=5730477144318325021;cb=0.8262727
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://image8.pubmatic.com/AdServer/ImgSync?p=156505&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D156505%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fudmserve.net%...
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjQwNTI0NTktQTNFMS00RkE4LUIxMUUtMEI4MjI2OUM3QTFD&gdpr=-1&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=-1&gdpr_consent=
  • https://image8.pubmatic.com/AdServer/ImgSync?sec=1&gdpr=0&gdpr_consent=&us_privacy=${US_PRIVACY}
  • https://image4.pubmatic.com/AdServer/SPug?cb=0.8262727&gdpr=0&p=156505&pmc=1&pr=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fpmid%3DB4052459-A3E1-4FA8-B11E-0B82269C7A1C&us_privacy=%24%7BUS_PRIVAC...
  • https://udmserve.net/udm/fetch.pix?pmid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
43 B
628 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?pmid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:52 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

location
https://udmserve.net/udm/fetch.pix?pmid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
date
Mon, 07 Aug 2023 18:11:51 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
fetch.pix
udmserve.net/udm/
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=199174&cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.8262727%3Bindx%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.8262727%3Bindx%3D&s=199174&C=1
  • https://udmserve.net/udm/fetch.pix?dt=1;cb=0.8262727;indx=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB
43 B
624 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.8262727;indx=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:50 GMT
Cache-Control
max-age=43200
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:50 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://udmserve.net/udm/fetch.pix?dt=1;cb=0.8262727;indx=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
0
Expires
0
sync
ups.analytics.yahoo.com/ups/58806/ 		0
125 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58806/sync?redir=true&cb=0.8262727
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
us
sync.go.sonobi.com/ 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fudmserve.net%2Fudm%2Ffetch.pix%3Fdt%3D1%3Bcb%3D0.8262727%3Bsonobi%3D%5BUID%5D
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:49 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-199
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync.php
pixel-us-west.rubiconproject.com/exchange/ 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=24042&cb=0.8262727
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.39.36.141 Los Angeles, United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
dbbc2dbf689859fb5870b364473d5441
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
rid
match.adsrvr.org/track/ 		63 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=casale&fmt=json&p=187621
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
309607d9c753cb6d5a21a6f4b04ee5b539257fb4fbdd12bc4a2e240eb05301da

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 06 Sep 2023 18:11:49 GMT
/
id.sv.rkdms.com/identity/ 		2 B
165 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.sv.rkdms.com/identity/?vendor=idsv2&sv_cid=5274_04512&sv_pubid=SENDTONEWS&sv_domain=www.casho.la
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
44.214.13.119 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-44-214-13-119.compute-1.amazonaws.com
Software
nginx/1.22.0 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:49 GMT
access-control-allow-credentials
true
server
nginx/1.22.0
content-length
2
vary
Origin
content-type
application/json
identity
api.rlcdn.com/api/ 		44 B
358 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/ht/p/187621-164323601241456.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.133.55 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
55.133.120.34.bc.googleusercontent.com
Software
/
Resource Hash
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
via
1.1 google
x-content-type-options
nosniff
access-control-allow-methods
GET, OPTIONS
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
access-control-allow-headers
Accept, Authorization, Content-Type, Cookie, Origin, X-Requested-With
content-length
44
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:49 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:48 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:49 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ 		563 B
684 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
682cd18d76a90b55a5feec4d49977ec946fa18d5bd070e6e8ba563fb9ff9e120

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93644&f=3&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=3
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
server
nginx
x-iplb-request-id
50FF0768:D7A0_36264064:01BB_64D133E5_30B351C:1580E
x-iplb-instance
38438
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
genericpost
ww1097.smartadserver.com/ 		569 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
706c5b72e7c8024718dd952560d910759b38bd6b61a614769e3991d6804fad79

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93644&f=6&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
server
nginx
x-iplb-request-id
50FF0768:D79E_36264064:01BB_64D133E5_30AF65C:15809
x-iplb-instance
38438
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
genericpost
ww1097.smartadserver.com/ 		563 B
685 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: ced.sascdn.com
URL: https://ced.sascdn.com/tag/1097/smart.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
22ddd46d06aa456269600fbfe8f18c34ee968b857d1bd1752d31697e73d0970f

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/ 		0
281 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93644&f=19&fi=0
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=19
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
server
nginx
x-iplb-request-id
50FF0768:D79C_36264064:01BB_64D133E5_30AC7C0:1F9F0
x-iplb-instance
24858
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
rules-p-effSsmMYCbAck.js
rules.quantcount.com/ 		160 B
633 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-effSsmMYCbAck.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:27:08 GMT
via
1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
2681
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
content-length
160
last-modified
Thu, 13 Oct 2022 22:21:01 GMT
server
AmazonS3
etag
"435cbd9bc4b3440e866ad1f4f7d1ef02"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
x-amz-cf-id
Oj79aFhzHTiEDlhPDaKY1u8gyUErNkMHc7v_beoNcQ8zo-1yqTSq9g==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Zw4GL6aFpv7EIrJ3&instance=214862936&version=7.20.1&age=230807&cmd=GET&key=nydEIVUv&c_id=13327&seq=1&order=2&vIndex=0&absoluteTime=4220.8&relativeTime=1393.2&canonical=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&EXTREF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&REF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&playerCfg=FL&playerType=FLOAT&serverHost=embed.sendtonews.com
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-9-3.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
0.js
player.sendtonews.com/bidderFiles/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.sendtonews.com/bidderFiles/0.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-14.zrh55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a72d79afb9c09dca7f529a4418358197958d17f04475fb4a9b061c2290f3bc12

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
6fWOCylYfI97YLojxLcgO4Opg3caCefm
content-encoding
gzip
via
1.1 4a0b7683a1d33d6d186965e831f2de96.cloudfront.net (CloudFront), 1.1 01c82f5226ffef5f7e654ffdbab24db6.cloudfront.net (CloudFront)
date
Sun, 06 Aug 2023 20:26:45 GMT
x-amz-cf-pop
FRA56-P7, ZRH55-P1
age
78308
x-cache
Hit from cloudfront
last-modified
Tue, 01 Aug 2023 20:15:47 GMT
server
AmazonS3
etag
W/"ef915fbe7a59b974353dd23ee37810c2"
vary
Accept-Encoding
access-control-allow-methods
GET, HEAD, POST
content-type
application/javascript
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
x-amz-cf-id
9KCs1d1iXyY-RPeLVwrp_QDtka8xzob26oa5aM5QBkAKD1_UDyAEIQ==
aminflv8y8mm5iyjqtg7en9971ug98vm.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		76 KB
77 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/aminflv8y8mm5iyjqtg7en9971ug98vm.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
495ca7f9045fada5b773333cb5ca9e163e87c2162b290b722af4239f4244c294

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
77822
last-modified
Mon, 07 Aug 2023 16:41:27 GMT
server
AmazonS3
etag
"6b788f0e9347deb2f11455614f5fee5d"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
GY4xkZEyj4ZgvuLGbLPcteSoyK4RW_5gKlrrDEWJ_n3I__FU45_c7Q==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Zw4GL6aFpv7EIrJ3&instance=214862936&version=7.20.1&age=230807&cmd=RTP&key=nydEIVUv&c_id=13327&seq=1&order=3&vIndex=0&absoluteTime=4229.9&relativeTime=1402.3&sC_ID=8786&sm_id=2924987&load=1&status=LVFNSNIY&ac_id=2008&EXTREF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&REF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&playerCfg=FL&playerType=FLOAT&DS=found
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-9-3.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
analytics.min.js
cdn.resonate.com/analytics.js/v1/200302733/ Frame A57D 		0
96 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.resonate.com/analytics.js/v1/200302733/analytics.min.js
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.12.242 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
strict-transport-security
max-age=15552000
server
cloudflare
cf-ray
7f317bfb0e52365f-FRA
vary
Accept-Encoding
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsgH1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 01:26:55 GMT
x-content-type-options
nosniff
age
233094
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18628
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 01:26:55 GMT
memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
fonts.gstatic.com/s/opensans/v35/ 		18 KB
18 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/opensans/v35/memSYaGs126MiZpBA-UvWbX2vVnXBbObj2OVZyOOSr4dVJWUgsg-1x4gaVI.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Heebo%3A300%2C400%2C500%2C700%2C800%2C900%7CAlegreya%3A400%2C500%2C700%2C800%2C900%7CJosefin+Sans%3A300%2C400%2C600%2C700%7CLibre+Franklin%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CFrank+Ruhl+Libre%3A300%2C400%2C500%2C700%2C900%7CNunito+Sans%3A300%2C400%2C600%2C700%2C800%2C900%7CMontserrat%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CAnton%3A400%7CNoto+Serif%3A400%2C700%7CNunito%3A300%2C400%2C600%2C700%2C800%2C900%7CRajdhani%3A300%2C400%2C500%2C600%2C700%7CTitillium+Web%3A300%2C400%2C600%2C700%2C900%7CPT+Serif%3A400%2C400i%2C700%2C700i%7CAmiri%3A400%2C400i%2C700%2C700i%7COswald%3A300%2C400%2C500%2C600%2C700%7CRoboto+Mono%3A400%2C700%7CBarlow+Semi+Condensed%3A700%2C800%2C900%7CPoppins%3A300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto+Condensed%3A300%2C400%2C700%7CRoboto%3A300%2C400%2C500%2C700%2C900%7CPT+Serif%3A400%2C700%7COpen+Sans+Condensed%3A300%2C700%7COpen+Sans%3A700%7CSource+Serif+Pro%3A400%2C600%2C700%7CIM+Fell+French+Canon%3A400%2C400i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPT+Serif%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CRoboto%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%7CPoppins%3A100%2C100i%2C200%2C+200i%2C300%2C300i%2C400%2C400i%2C500%2C500i%2C600%2C600i%2C700%2C700i%2C800%2C800i%2C900%2C900i%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 03:47:29 GMT
x-content-type-options
nosniff
age
224660
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18232
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:27:08 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 03:47:29 GMT
flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v140/ 		125 KB
125 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/materialicons/v140/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/icon?family=Material+Icons
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 04 Aug 2023 07:35:16 GMT
x-content-type-options
nosniff
age
297393
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
128352
x-xss-protection
0
last-modified
Tue, 07 Mar 2023 19:51:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sat, 03 Aug 2024 07:35:16 GMT
12o46q643rns6rr808p0q9n746535qnrplaylist.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/ 		291 B
862 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/12o46q643rns6rr808p0q9n746535qnrplaylist.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ce6b90f82bd3532a612b62d2fb78090f8d99f81f4c7af8eaecfcb2a843c104c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
291
last-modified
Mon, 07 Aug 2023 16:44:28 GMT
server
AmazonS3
etag
"215340f7f18ffe4421c291ce1ceb81c5"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
toSkrg0xXGUHOaVTYFT1ZTy9Wo-aO5VHvGhIrW9h6BCFRMpHH0n8Qw==
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Zw4GL6aFpv7EIrJ3&instance=214862936&version=7.20.1&age=230807&cmd=IMA&key=nydEIVUv&c_id=13327&seq=1&order=4&vIndex=0&absoluteTime=4275.9&relativeTime=1448.3&EXTREF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&REF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&playerCfg=FL&recoveryMethod=SSAI&imaVersion=3.584.2&blocked=false&recovered=false&hasAdParams=true
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-9-3.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
ads
pubads.g.doubleclick.net/gampad/ 		17 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F92056281%2Fcashola-premium&env=vp&gdfp_req=1&unviewed_position_start=1&ad_rule=1&output=xml_vmap1&sz=480x270&ciu_szs=300x60&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&hl=en&vpa=auto&vpmute=1&vconp=2&cmsid=2631244&vid=2924987&us_privacy=false&cust_params=sessionKey%3D214862936-Zw4GL6aFpv7EIrJ3%26schain%3Dstnvideo.com%2CAasBUF7V9msOtfGMQ_QfpQ%26content%3D8786%26placementType%3DPremium%26embed%3DnydEIVUv%26domain%3Dcasho.la%26player_size%3Dsmall%26player_width%3D462%26player_height%3D260%26player_type%3Dfloat%26version%3D7.20.1%26player_status%3DLVFNSNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D3%26uhr%3D18%26iris_id%3Diris_3a3ab8c6a23b5003%26iris_context%3Dic_8121076%2Cic_8240327%2Cic_2001389%2Cic_9146060%2Cic_0291942%2Cic_3572470%2Cic_7753435%2Cic_1612662%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_7287399%26us_privacy%3Dfalse%26keywchk%3Dok
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cc628f60d331da47033b1656d0ad374a5470cca8fe9aec5af3996e8d68698e5e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1221
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
407p2r4sqo6949s5rn19463r13sq8q8n.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		29 KB
29 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/407p2r4sqo6949s5rn19463r13sq8q8n.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
cdb655cea074720df3611a941f75b62267652c0c84392d2937a4a687e8a393d3

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
29241
last-modified
Mon, 07 Aug 2023 16:27:32 GMT
server
AmazonS3
etag
"731192608ce18cefa1069c2e44df25a1"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
ntJXxl1LhzqGGVm8WTQKojpLuEQ0K4DDQlyC4VBU7744XQ8ofZnXOg==
ghlctagdkhxts4l0zedundbrdj9g1j6m.jpg
d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/video_thumb/XL/ghlctagdkhxts4l0zedundbrdj9g1j6m.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3dc143ee1d016fa8c111003fc79c9f64a73a36a496685459fd0d97ee84ff5b24

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 16:28:48 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
age
6182
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
30278
last-modified
Mon, 07 Aug 2023 16:00:09 GMT
server
AmazonS3
etag
"ada744e1bea181283179c9dbcc5aa079"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
image/jpeg
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
qNeBAb2Q8v_W0TV1db20O3SpnRRA7X-2ggT8OJZEuOMcxE2YLk4tqA==
px.gif
ad-delivery.net/ 		43 B
936 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
676202
x-guploader-uploadid
ADPycdswOBhsNnQ7zd3dNxnjBvd90dPvyWK1mha-wmNlCcSgcFBv5weRCHgPD65siP9BNx2D713ag50pVeH4XL-FYL-FONJNexmm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0f0PbVCPm86kbVtoLp41K5mrXzmGtl4B4QWW7ao90KXHaC%2B2rNxiMvCt4YPraBm9UBAGELj7GKJszjiRK9Oq%2BI7wlt%2Ffsaap6DlhO%2BBeYydqf5dT3sxD%2B%2F32AEXYj0UZgTQjgy1Jd0bEcyy35g%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f317bfb2b911e6c-FRA
expires
Sun, 30 Jul 2023 22:48:40 GMT
/
t.unblockia.com/ 		0
272 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://t.unblockia.com/?sid=1734&o=1&b=1&p=1&t=4
Requested by
Host: cdn.unblockia.com
URL: https://cdn.unblockia.com/h.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:3000:10:be65:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx/1.20.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
via
1.1 2177a1d449a3e8dc7269040f15d81cb0.cloudfront.net (CloudFront)
server
nginx/1.20.0
x-amz-cf-pop
ZRH55-P1
x-cache
Miss from cloudfront
content-type
application/json
access-control-allow-origin
*
access-control-expose-headers
*
content-length
0
x-amz-cf-id
lxtqo9KgxQRJr_OxM5RjafHsH4UxT0uSP4Tz3RoHVwN_4H5EBGIlRQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A57D 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 06:23:09 GMT
x-amz-cf-pop
FRA56-P3
age
42521
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
suWQ-z-xSSyJmixgGzMuo6uoTmatKVSmm1kR__fQXsH6yFoIcacniQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame A57D 		352 B
701 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.casho.la&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
39ba9a323ddcb12da804bf4c7ffad66c4d43029810278fc909936d924dab16bf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.casho.la
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
352
x-amz-cf-id
enrlLqcRozj-5mWMG8lYB2wiQykrioyfOwWGuDv3g7ZDYjZUW5D8xQ==
AVmanager.js
player.aniview.com/script/6.1/ Frame A34E 		476 KB
128 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62d0073a5831594d4e154ea4
Requested by
Host: player.avplayer.com
URL: https://player.avplayer.com/script/8.3/v/avcplayer.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:2be::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu7ClBSN95X8tOhxFLVY58PG2p03KSTrwJXPA-tmoKV1UUjqjoZmsUE_65vFlq0LsDw4LJM7rEY2n4tvYZnM6tIuz6Npb4M
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
130379
last-modified
Mon, 07 Aug 2023 11:55:06 GMT
server
UploadServer
etag
"25aee45ea3338112064b801c98043832"
vary
Accept-Encoding
x-goog-generation
1691409306508079
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=dQhmYQ==, md5=Ja7kXqMzgRIGS4AcmAQ4Mg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
130379
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:21:49 GMT
e38937dbf8202c144802.woff
player.avplayer.com/script/8.3/v/assets/ 		36 KB
36 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/assets/e38937dbf8202c144802.woff
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
6a156519b783c083e2c25ed5c49c00dd956d6be26a347ef09a77221abbed33e9

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 14:59:09 GMT
etag
"1690988349"
x-hw
1691431909.dop224.fr8.t,1691431909.cds127.fr8.hn,1691431909.cds203.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
36526
31d54a4b841c0e438f13.woff
player.avplayer.com/script/8.3/v/assets/ 		34 KB
35 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://player.avplayer.com/script/8.3/v/assets/31d54a4b841c0e438f13.woff
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
/
Resource Hash
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
gzip
last-modified
Wed, 02 Aug 2023 14:59:09 GMT
etag
"1690988349"
x-hw
1691431909.dop224.fr8.t,1691431909.cds127.fr8.hn,1691431909.cds157.fr8.c
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=600
accept-ranges
bytes
content-length
35197
vidcrunch.svg
cdn.vidcrunch.com/integrations/ 		1 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.vidcrunch.com/integrations/vidcrunch.svg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.238.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ab1382c70c0a537459c8eec56c1d9f6a66caab98eccb6b7fa057309aae36c99e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
last-modified
Mon, 21 Jun 2021 09:40:53 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
3N6Z326MMMA7CHYH
age
1610614
etag
"1c9fbc73f4d739ceb1acb5dd88d42d30"
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=5184000
accept-ranges
bytes
content-length
1227
x-amz-id-2
CDe1hTSidcVrnZHHADbE/kMBDKLAUEF5UFATsy7Nbk0HmP34W1v6NaHBK5RkwzUYJ0syWQtipDc=
expires
Mon, 18 Sep 2023 02:48:16 GMT
video.min.js
player.globalsun.io/player/video.js-new/dist/ 		554 KB
158 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.globalsun.io/player/video.js-new/dist/video.min.js?v=3.2.28
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fa8700eaa4be8549203564d995f821f6ca7aa0e5dd84e61c805ecc9a3a0cd74f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 17 Oct 2022 15:06:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
30164
etag
W/"634d6f6e-8a6e2"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a5lROWmmM7fiDe%2FjaJLVzONmHGvprjLIboWUxNUb39UDJV6ZM7HJgt7Vitq4GKlNJoUAGtXD0M8cANBnISw5imqc7I%2B%2BodzO6NIhCS8kf%2F9%2Fht30t2WtVFl12%2FN935k2XnMDHExM9ezhRWZoTZsSTSAa"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7f317bfcdbbf90dc-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 09:49:05 GMT
videojs.ima.min.js
player.globalsun.io/player/videojs-ima-new/dist/ 		37 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.globalsun.io/player/videojs-ima-new/dist/videojs.ima.min.js?v=3.2.28
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e9ebd714243264393b54c89d034e20601df9b92b4ead1e0ae4df42d61f47fe26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Tue, 29 Nov 2022 13:51:56 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
30165
etag
W/"63860e7c-93d7"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=t0eeBnchHTIzgwTr62tj%2FRYdOilaiEdEDpi0eeL0WiFkVmGJ6TYm7GHDONFFoJYfmSa%2Fy7u9dzrsbd5psbz1Iygwov6mU%2F3rAFDz8hx2fCdchsZ85pT0kTAF3CXt5AqQouUCp6iTGDAysMN9%2BfVG0Myk"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7f317bfcdbc190dc-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 09:49:04 GMT
videojs.ads.min.js
player.globalsun.io/player/videojs-contrib-ads/dist/ 		23 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.globalsun.io/player/videojs-contrib-ads/dist/videojs.ads.min.js?v=3.2.28
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a474eb4de90110baa24fa4c32e2ab48e7f84ea67d40f3435cfa8191826f946a4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sun, 05 Sep 2021 09:22:37 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
30165
etag
W/"61348c5d-5a48"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=CggK7S5S08aWfApkcT7Tus74nWsv4%2FkwY9ReDX10UdtDq7l1jxP26%2BPMMnLyrA5IQf802u%2FQv9zFDg6lyTZ%2B3VPmQs8AeWfu21yCyMF%2Bt7nZNYSC7JRhKLidScaJs13NlPhAdclEWn1F0La8hPWDqSNL"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
max-age=86400
cf-ray
7f317bfcdbc290dc-FRA
alt-svc
h3=":443"; ma=86400
expires
Tue, 08 Aug 2023 09:49:04 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ 		345 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: player.globalsun.io
URL: https://player.globalsun.io/v/2.0/content-player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Mon, 07 Aug 2023 18:11:49 GMT
truncated
/ 		380 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
logo-color.png
player.globalsun.io/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://player.globalsun.io/logo-color.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:dfab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62a60e96b24ca6549e96b8f77fab54e728a6b878c9fbe2ebe6abb66cef31b7f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:49 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
70304
alt-svc
h3=":443"; ma=86400
content-length
22692
last-modified
Mon, 06 Dec 2021 10:59:31 GMT
server
cloudflare
etag
"61aded13-58a4"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=saKVqKgxRNf8xHa%2BYq65QTFkefsCo7yJsUB6b9aGdvQKQrsGBoGHwC6Z3nHCv2TB%2By9YRb5imH3OQupPjH4A187SqihXFawwLB6pLwsUOGBRCFp%2BAv%2B934dUwDgRJyBrnqgKzt9O7MOtTr%2FEUDAdYxzx"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=86400
accept-ranges
bytes
cf-ray
7f317bfcdbd090dc-FRA
expires
Mon, 07 Aug 2023 22:40:05 GMT
/
geo.privacymanager.io/ 		28 B
606 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://geo.privacymanager.io/
Requested by
Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.183.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-183-122.zrh55.r.cloudfront.net
Software
/
Resource Hash
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 01:27:25 GMT
via
1.1 e41703af87be84ac95b3cadf9d8dd470.cloudfront.net (CloudFront), 1.1 b03c46754456cd1729ff37c2faafd4ec.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P3, ZRH55-P1
age
60265
x-amzn-requestid
f7cca1f4-f456-4bf5-bffc-6b476b4730d1
x-amzn-trace-id
Root=1-64d0487d-6088e96f20f7cc7e390392b3;Sampled=0;lineage=06620786:0
access-control-allow-methods
DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type
application/json
access-control-allow-origin
*
x-cache
Hit from cloudfront
x-amz-apigw-id
JRBDlGbYjoEFc6Q=
content-length
28
x-amz-cf-id
pNftNuJ1QGiar0OEKHv1mwRenWka_wfgo-rFUtAnktjMevt8sUdO2A==
access-control-allow-headers
Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token
mplayer-bridge.html
vms-players.minutemediaservices.com/ Frame AC34 		1 KB
909 B 		Document
General
Check archive.org
Download Go to
Full URL
https://vms-players.minutemediaservices.com/mplayer-bridge.html
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:e600:2:4149:df00:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e1d2f7d8fd957b12792fc62e567ebcd9e697f63a42e3dd023f02bd370d7c5640

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
551319
alt-svc
h3=":443"; ma=86400
cache-control
private, max-age=1800
content-encoding
gzip
content-type
text/html
date
Tue, 01 Aug 2023 09:03:12 GMT
etag
W/"e97239360af3389bafb536d4d0bdb35f"
last-modified
Tue, 20 Dec 2022 11:11:02 GMT
server
CloudFront
vary
Accept-Encoding Origin
via
1.1 633b37c269943f0b3472e0abe1a07b2c.cloudfront.net (CloudFront)
x-amz-cf-id
4l2x1mB-LIiHD3MfgpCbeZ8lfntTeTVDOO9C1Ku_x93AxDCsB1knrw==
x-amz-cf-pop
ZRH55-P1
x-amz-server-side-encryption
AES256
x-amz-version-id
.9RAF9XlHfXzYtZBMnFKExfBF741L2yh
x-cache
Hit from cloudfront
wzMM.logger.js
content.wazimo.com/engine/common/widgets/mmlogger/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://content.wazimo.com/engine/common/widgets/mmlogger/wzMM.logger.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:450 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d3282900f478b5abd8d6e76d85a16e6d6ec60adba9b7648ff8e6c881505d9ab

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
br
cf-cache-status
HIT
cf-bgj
minify
last-modified
Tue, 07 Jun 2022 13:56:58 GMT
server
cloudflare
age
4155
cf-polished
origSize=1534
etag
W/"629f592a-5fe"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dpIC9FFA8EVhAoZztR9jXYOecI8x2JC7pthRNyJxxcCqsfpMIIMngWJzuXI0%2B60B3zq%2BEYhfxbNjdCtMMjpF%2FZt70WXEatJKtyAPV8Ci7ydb6NV8bXoJaLBcASNydyyRkoY1Sv60Wu93q%2F98V7Dbhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cache-control
max-age=14400
cf-ray
7f317bfe59f0363e-FRA
mux.js
www.oo-syringe.com/prod/ 		337 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/mux.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
6323865009dcb5c3a76c9f8dfb485d28eeceec77f8783565265e2c378d37e3d6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 15 Jul 2023 01:52:36 GMT
x-amz-version-id
zKDr1tGTeMrjUohEczWF1VZiqUanfaXu
content-encoding
br
last-modified
Thu, 06 May 2021 12:05:42 GMT
server
CloudFront
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
etag
W/"6d13ad5f29e69baba39798f1074bc746"
age
2045955
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
private, max-age=1800
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
Xf02HiLQHf2OiCPSPpQL0AWJPhzeczuwy_1gmdlhr1Bk6DesEs6biQ==
datadog-logs-v4.js
www.datadoghq-browser-agent.com/ Frame 64C8 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.datadoghq-browser-agent.com/datadog-logs-v4.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.225.83.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-225-83-103.fra2.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
5c4d187b944496b78f9da0e4a90492ad47db4fe0eb9e5e7d2f4ee15d69a5fbca

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
gzip
via
1.1 04ce5a607a98db6d08257633417b84d6.cloudfront.net (CloudFront)
last-modified
Fri, 28 Jul 2023 08:19:32 GMT
server
AmazonS3
x-amz-cf-pop
FRA2-C2
age
5
x-amz-server-side-encryption
AES256
etag
W/"e1532946bf6410cd633cb9bc1f75a809"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=14400, s-maxage=60
timing-allow-origin
*
x-amz-cf-id
QheDqkKV19ZZadNblDL8NOPn-T_HOi_oGqWMVQf7mIIe__WAbjrOkQ==
mplayer_controls_plugin.4.4.85.js
www.oo-syringe.com/prod/players/ 		70 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_controls_plugin.4.4.85.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
831c7cf998ebfdecf34e7d7d7ec3e94f40539b61f37dba03af486c2d2c76187d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 02:29:36 GMT
x-amz-version-id
q5Q.ztmgRf9xQOw8vedX6tPiKyDg7yMw
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
1093335
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Jun 2023 08:57:31 GMT
server
CloudFront
etag
W/"b227834fe8abdfdab74721b25a07f2a4"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
private, max-age=1800
x-amz-cf-id
q5om9WGrunCS6Oa6SLRgTg_Qi-ngVyDUTWF5QuqBcfjKhdK5yMZ-Aw==
mplayer_more_videos_plugin.4.4.85.js
www.oo-syringe.com/prod/players/ 		25 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_more_videos_plugin.4.4.85.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4ae11c22309d6edf6d127ec84179d8879329ae0d413164d729cc778f016f4f04

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Wed, 26 Jul 2023 02:30:54 GMT
x-amz-version-id
pTI.ujubfBrFCABAcudeLRV29D.PDn0X
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
1093256
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Jun 2023 08:57:31 GMT
server
CloudFront
etag
W/"bd87f61d491c893c27d4c443bd42bf8b"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
private, max-age=1800
x-amz-cf-id
JmafffsiUXtRy951_gvsdJ1XkvmkpifuhV3CRwSHfR5cqdug-aGr5Q==
mplayer_read_more_plugin.4.4.85.js
www.oo-syringe.com/prod/players/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_read_more_plugin.4.4.85.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
e0eef7abfd165a46a09a1950acb40a17eb20335e43837e939edd4eaeae061b26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 25 Jul 2023 07:54:37 GMT
x-amz-version-id
UDku4HIa5RTo8oG1yQLCgHlI5hBgeJZB
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
1160234
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Jun 2023 08:57:31 GMT
server
CloudFront
etag
W/"f1404222586c79dccc2feaaf319cbdbc"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
private, max-age=1800
x-amz-cf-id
WiVbdPp8UMp9sm2RxDuan7w1iwl8D6_glWYPD6ZmW-8CawCzh8W9YA==
mplayer_anchor_plugin.4.4.85.js
www.oo-syringe.com/prod/players/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_anchor_plugin.4.4.85.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
eceb8f45ef70565ff01009867dd39f47dc2e1a2ea5ec1f59214c9c36c8a1d6b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Fri, 14 Jul 2023 00:33:37 GMT
x-amz-version-id
PX.Rbu7KpM_68veXntxrGuMYiYe3QNzC
content-encoding
br
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA53-C1
age
2137094
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Jun 2023 08:57:31 GMT
server
CloudFront
etag
W/"86523378ba5d389a8a003461ffb3db0c"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
private, max-age=1800
x-amz-cf-id
3RanPumdxYmRgWizqLKO2DMn89kohtQtpfRL-nKeoaW7znIiENKu4Q==
videos
content.voltaxservices.io/playlists/01g11pjh9my1w3p971/ 		145 KB
29 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://content.voltaxservices.io/playlists/01g11pjh9my1w3p971/videos?url=jvvru%253C11yyy0ecujq0nc1lqg%252Fdkfgp%252Fjkpvu%252Fc%252Frqvgpvkcn%252Fvcz%252Fjkmg%252Fqp%252Fqkn%252Feqorcpkgu%252Fxgt%257B%252Fuqqp1&origin=www.casho.la
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:2e00:1:96ec:5bc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
77277ddb242c4f2b3b10dc2b8c50f219c2c9f37d95ba59eb849a109c9e65a673

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
gzip
via
1.1 abd012b9637ad93b7c9aa82d2cfb262c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH55-P1
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=60
restricted-videos-ids
01f1cdpsa50hkvffps,01g3ch6jcg0sbde19rtx,01g3cjz8d9v9qyn9wjq1,01g3cpeymkvvhbzckmaf
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
x-amz-cf-id
Ycj-Z1ZGmqMVABTwEfQZHY33jg_Mn3vMVzF6nKRXl8pKIzP8Aww5ag==
clarity.js
www.clarity.ms/s/0.7.8/ 		57 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.clarity.ms/s/0.7.8/clarity.js
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/tag/ffk27manqd
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:46::60 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
br
last-modified
Thu, 03 Aug 2023 18:09:07 GMT
etag
W/"0x8DB944CBA967FA5"
vary
Accept-Encoding
x-azure-ref
20230807T181150Z-wcvk1uqqdd1hme2ffeykdrrwr40000000a0000000000gys8
content-type
application/javascript;charset=utf-8
access-control-allow-origin
*
x-ms-request-id
49ed5dc9-401e-0025-2238-c687a7000000
cache-control
public, max-age=86400
x-cache
TCP_HIT
x-ms-version
2018-03-28
sync
s.cpx.to/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=captify_dmp&google_cm&dsp=dbm
  • https://s.cpx.to/sync?dsp_uid=CAESEIK2GfIaMJjfN431ipaO1HQ&dsp=dbm&google_cver=1
0
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp_uid=CAESEIK2GfIaMJjfN431ipaO1HQ&dsp=dbm&google_cver=1
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
18.200.218.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-218-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 07 Aug 2023 18:11:50 GMT
date
Mon, 07 Aug 2023 18:11:50 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:50 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://s.cpx.to/sync?dsp_uid=CAESEIK2GfIaMJjfN431ipaO1HQ&dsp=dbm&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
284
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cm
u.openx.net/w/1.0/ 		43 B
304 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/cm?id=f0f39a70-2c21-4d5d-af4b-7350637edcd5&r=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3DOPENX%26dsp_uid%3D%7BOPENX_ID%7D
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
fire.js
s.cpx.to/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fs.cpx.to%2Ffire.js%3Fdsp%3Dapp_nexus%26dsp_uid%3D%24UID%26pid%3D12762%26ref%3Dhttps%253A%252F%252Fwww.google.com%252F%26url%3Dhttps%253A%252F%252Fwww.c...
  • https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=5730477144318325021&pid=12762&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-compani...
42 B
42 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=5730477144318325021&pid=12762&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&hn_ver=57&fid=3bb29eab-7bce-4df0-ab0f-ea12b2a0b28b
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
18.200.218.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-218-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DEV ADM"
date
Mon, 07 Aug 2023 18:11:50 GMT
content-length
42
expires
Mon, 07 Aug 2023 18:11:50 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:50 GMT
an-x-request-uuid
87597658-1110-477e-a6c6-f880e9709799
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://s.cpx.to/fire.js?dsp=app_nexus&dsp_uid=5730477144318325021&pid=12762&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&hn_ver=57&fid=3bb29eab-7bce-4df0-ab0f-ea12b2a0b28b
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
s.cpx.to/
Redirect Chain
  • https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fs.cpx.to%2Fsync%3Fdsp%3Dpubmatic%26dsp_uid%3D%23PM_USER_ID
  • https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
0
313 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
18.200.218.194 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-200-218-194.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

expires
Mon, 07 Aug 2023 18:11:50 GMT
date
Mon, 07 Aug 2023 18:11:50 GMT
p3p
CP="NOI DEV ADM"

Redirect headers

location
https://s.cpx.to/sync?dsp=pubmatic&dsp_uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
date
Mon, 07 Aug 2023 18:11:50 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
ppr97s92no64nr30p5nqr5ss1osp6ss7base.en.vtt
d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ 		7 KB
7 KB 		TextTrack
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/cc_text/ppr97s92no64nr30p5nqr5ss1osp6ss7base.en.vtt
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
683bea3e85219915f02b2d79f702f6b659225772cfa3d8f4de2faf351b54e556

Request headers

Referer
https://www.casho.la/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
content-length
6796
last-modified
Mon, 07 Aug 2023 16:45:35 GMT
server
AmazonS3
etag
"e668028db8153325f0a7695855299af0"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
text/vtt
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
accept-ranges
bytes
x-amz-cf-id
Ayo5MdCt9rdk7sLv7cZomCUH0MnBFzcNYrPZzWfmb3exQKHFjRbUEA==
truncated
/ 		480 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
site
hhkld.com/logs/req/ 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/req/site?sid=105507&uid=50b80a04-b567-4a9f-b1e3-47fb35fb0986&event=playerLoaded&v=20&cb=1691431910683
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
dsp
hhkld.com/logs/event/ 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105507&tids=17429&v=20&cb=1691431910687
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame C7A7 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524503
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 1B3F 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2133
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
integrator.js
adservice.google.com/adsid/ 		107 B
456 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.casho.la
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
in_search.js
resources.infolinks.com/js/1878.017-3.027/ 		225 KB
89 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1878.017-3.027/in_search.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
96631ba09cd178b4178b650ce6339886b98b16653ef5dc13e0f90ed189846435

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 08:52:53 GMT
server
cloudflare
age
9530
etag
W/"38515-601d8ac307218"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317c025b191ad4-FRA
expires
Wed, 06 Sep 2023 15:32:59 GMT
bubble.js
resources.infolinks.com/js/1878.017-3.027/ 		156 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1878.017-3.027/bubble.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca7475c12f2dc8ab022889d4bd835687f7f978784757d768d4cc319933e8b9fa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 08:52:53 GMT
server
cloudflare
age
10936
etag
W/"270b1-601d8ac307600"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317c025b1a1ad4-FRA
expires
Wed, 06 Sep 2023 15:09:34 GMT
tweet.b81b6d7af2d75db873cff6099e4f433a.js
platform.twitter.com/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/js/tweet.b81b6d7af2d75db873cff6099e4f433a.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33F) /
Resource Hash
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:50 GMT
Content-Encoding
gzip
Age
413928
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
2700
Last-Modified
Tue, 24 Jan 2023 21:41:06 GMT
Server
ECS (via/F33F)
Etag
"09ec5707a836b9e4f4427dcddd1d0c64+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
28d04b5e521f93082f7416942366c0ce.mp4
cdn.vidcrunch.com/integrations/63fde487a4e05ddd840af308/63fdf181a4e05d21580b04c5/ 		5 MB
5 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://cdn.vidcrunch.com/integrations/63fde487a4e05ddd840af308/63fdf181a4e05d21580b04c5/28d04b5e521f93082f7416942366c0ce.mp4
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
8.238.30.250 , United States, ASN3356 (LEVEL3, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
101e567d6d749072d52d632bd5b39897278fa4ce9fa7750d57fc892ba842499f

Request headers

Referer
https://www.casho.la/
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
last-modified
Tue, 28 Feb 2023 13:57:40 GMT
server
AmazonS3
x-cdn
Lumen
x-amz-request-id
TNJY6YKWC109DSFY
age
3389116
etag
"28e19725d4ac6ea85607601d19dbb1bf"
content-type
application/octet-stream
access-control-allow-origin
*
Content-Range
bytes 0-5015960/5015961
cache-control
max-age=5184000
Content-Length
5015961
x-amz-id-2
h28eKkZERWtmvLXdgBLA5nSoknOSW45Bsv6ow4Fau+G5gG+Zwr6NCoXuRpIbeCs7XeRcvK7zbYI=
expires
Mon, 28 Aug 2023 12:46:36 GMT
js
www.googletagmanager.com/gtag/ 		219 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-J9WFNRQLJJ&cx=c&_slc=1
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
13788b39504e716aff3525330ed3f9ffbc156dfad9728207fdb9825d11eb6e68
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
79817
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 07 Aug 2023 18:11:50 GMT
truncated
/ 		177 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		515 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		242 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
12o46q643rns6rr808p0q9n746535qnr.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		1 KB
827 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/12o46q643rns6rr808p0q9n746535qnr.m3u8
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
0978ce95f8aea87c48a8ebcf5127fbd78847f9d79caa84e4ff876752b4249a3d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Mon, 07 Aug 2023 16:45:33 GMT
server
AmazonS3
etag
W/"70ddff4550a166e2ef2ca36eaca0a08b"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
HiF9mdji-a9LbMdvZ6xItdAQ2WSMAVmAU9ccV_S6M4KHZOjukBHwmQ==
geo
cdn.mmctsvc.com/.mc/ 		58 B
363 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://cdn.mmctsvc.com/.mc/geo
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:20eb:ea00:19:4ac0:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
4b6825f49ba2b9c5e73dd794e4fd78043ce2c82a6634a9d8850fd56a1a754c1b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 10:20:09 GMT
via
1.1 3aed5a4f89d72775aaf2cc5a5f642386.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
FRA2-C1
age
201102
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
cache-control
max-age: 31536000
alt-svc
h3=":443"; ma=86400
content-length
58
x-amz-cf-id
unyaafiCD9bsi59eQ8pO4prZkDm9sgrrnNO-K5utzKP1JdkOYrySWQ==
large-poster.jpg
content1.avplayer.com/5b59760c073ef46a2e6b8f13/videos/646203de38ee91bfbb0e3193/ 		30 KB
30 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://content1.avplayer.com/5b59760c073ef46a2e6b8f13/videos/646203de38ee91bfbb0e3193/large-poster.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.16.175.10 , United States, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
hwcdn.net
Software
UploadServer /
Resource Hash
8fd93f26b382f4e99897bcbd4d4fe54a7c225d75ee6a3aac208f670b2537f079

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:50 GMT
x-guploader-uploadid
ADPycduhG8d2efDFfLi2wly5GEBownD6HnBiIJnY3nD3mY_SXumZoW5Fn5PZJKLWgkNol3SbxC0KfY_ZjrjuL04GWQUYQ74nscZL
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
30615
last-modified
Mon, 15 May 2023 10:05:24 GMT
server
UploadServer
etag
"0448c4a699f1de1ee27707a5a79d9fde"
x-goog-generation
1684145124048203
content-type
image/jpeg
access-control-allow-origin
*
x-goog-hash
crc32c=0teaGg==, md5=BEjEppnx3h7idwelp52f3g==
access-control-expose-headers
Content-Type, range
cache-control
public, max-age=2592000
x-hw
1691431910.dop244.fr8.t,1691431910.cds140.fr8.hn,1691431910.cds144.fr8.c
x-goog-stored-content-length
30615
accept-ranges
bytes
css2
fonts.googleapis.com/ 		3 KB
458 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Mon, 07 Aug 2023 18:11:50 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 07 Aug 2023 18:11:50 GMT
lib_watermark.js
ads.themoneytizer.com/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_watermark.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
51049
x-accel-date
1691380861
x-77-nzt
AZySIYvbRo//accAAA
pragma
public
x-accel-expires
@1691467261
last-modified
Mon, 24 Apr 2023 13:12:59 GMT
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e633d1644b877836
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 08 Aug 2023 04:01:01 GMT
lib_footer_slidein.js
ads.themoneytizer.com/ 		25 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/lib_footer_slidein.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/s/requestform.js?siteId=93644&formatId=6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
ca039c9541f1a5f8eb157df578e50664f9e775b18c6a3ff4e9fca87701e93557

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:50 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
51049
x-accel-date
1691380861
x-77-nzt
AZySIYvTBWz/accAAA
pragma
public
x-accel-expires
@1691467261
last-modified
Fri, 02 Jun 2023 13:02:33 GMT
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e633d164af46f636
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=86400, public, no-transform
expires
Tue, 08 Aug 2023 04:01:01 GMT
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931034&asId=aa5a4f7f-6067-a2f1-9538-2ab430a49491&tv=%7Bc:kD7skb,pingTime:-10,time:3700,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTE1LjAuNTc5MC4xNzAgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1691431910923%7C%7C4ab0fbd182b2a8c8efce9fdbae6b588b%7C%7C37d7be34f85ebd2dc555d2e13b92cc86%7C%7C5f023c47e9e1614ac0335b3cdf3c5364%7C%7C4307a987b0b80f4a1fafb7441260697d%7C%7Cbfcaa6cec2d2b431690d12d036f454fb%7C%7Ca3a506b12b40f6a98d41ee1ca9393dc7%7C%7C0f9b0f18ede17c5ca6f2c91558e4f527%7C%7C1663701684,im:%7Bimprf:%7Bttecl:2301,ecd:76,tsecr:792%7D%7D,env:%7Bnr_p:1,nr_publ1:1,nr_grpm1:1%7D%7D
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1be6:f1b0:79a9:85e7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
server
nginx
x-server-name
dt02.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
headerstats
as-sec.casalemedia.com/ 		0
0
5db5af8628a061787a11d5aa.json
serv-selectmedia.com/cdn/mcm/ 		212 KB
212 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/mcm/5db5af8628a061787a11d5aa.json
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42e2459cc3695823eb776a61c5db7635f85baef2eb5b34be824ceaf62d41ae5d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
age
0
x-guploader-uploadid
ADPycdtgtEGtmaI-YR5KR9n6P60Wtf_r39qcmlg9QL6GDa6-B1vtIjMH3CnsSMKaDAwwQtWXyrIXkFJ7RbBfOsAaA8qzLCpEvZU7
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
216810
last-modified
Mon, 07 Aug 2023 17:49:11 GMT
server
UploadServer
etag
"93221367588dbf2120854d651f62c359"
x-goog-generation
1690940075989015
x-goog-hash
crc32c=iWlcew==, md5=kyITZ1iNvyEghU1lH2LDWQ==
access-control-allow-origin
*
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
216810
accept-ranges
bytes
content-type
text/plain; charset=utf-8
b75d12e4-3091-4c6f-a6d9-d5deaf55fb5e
sm1.selectmedia.asia/cdn/files/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sm1.selectmedia.asia/cdn/files/b75d12e4-3091-4c6f-a6d9-d5deaf55fb5e
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42cab56dd4465e77898e29ece8fe8666f9f87c7dd9bd8d8b3d04acfa29df5c03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:15:31 GMT
age
3380
x-guploader-uploadid
ADPycdsBrzZqcHUqoP5vv5stuLRC6OFFuRa-t3qnOdRZ_5j8nflt5MiFnUV2QPr9cuNqwSHX8pxiMuR3Js1aqwrYYo-36yTYLEzP
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38090
last-modified
Wed, 24 May 2023 12:08:15 GMT
server
UploadServer
etag
"21313ebfa74ce0eba483653286539ba1"
x-goog-generation
1684930095022719
x-goog-hash
crc32c=mWBMWg==, md5=ITE+v6dM4Oukg2UyhlOboQ==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
38090
accept-ranges
bytes
content-type
image/jpeg
videojs.ads.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		91 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ads.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
br
cdn-edgestorageid
1076
cdn-storageserver
DE-165
cdn-cachedat
04/28/2023 23:22:37
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:21 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
577
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf625-16c3c"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
44cc19090b4143b0b776e59ad8020d9a
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
videojs.ima.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		84 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs.ima.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
br
cdn-edgestorageid
1077
cdn-storageserver
DE-165
cdn-cachedat
07/07/2023 01:07:44
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:22 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
339
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf626-14fe2"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
5aa26325558900c5c1e8130fc6243bf2
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
can-autoplay.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/can-autoplay.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-572
cdn-cachedat
04/04/2023 10:10:14
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:16 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
565
cdn-requestpullcode
200
cdn-proxyver
1.03
etag
W/"642bf620-2ae4"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
eaf48b73d6b6128ff03845fd4312ee67
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
videojs-playlist.min.js
cdn.unibotscdn.com/ubplayer/dist/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.unibotscdn.com/ubplayer/dist/js/videojs-playlist.min.js
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
br
cdn-edgestorageid
865
cdn-storageserver
DE-680
cdn-cachedat
07/28/2023 09:37:51
cdn-pullzone
873945
last-modified
Tue, 04 Apr 2023 10:04:20 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
573
cdn-requestpullcode
200
cdn-proxyver
1.04
etag
W/"642bf624-13b1"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
e99a48b39dbd88d100e90690218fad20
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame A57D 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 07 Aug 2023 18:26:51 GMT
bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
bid.underdog.media/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/bc_UZYxC75kqDLRiEd9GoEYOmovVVM.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:1c00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
0937140627df60ef2b3fb454f37d12e470769d5ad4068bac777985aa69805ea6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:06:12 GMT
content-encoding
gzip
via
1.1 fa2f998214db1c6c6bdb96ceff3ce5d8.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 18:00:08 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
340
etag
"0345bc1f6169832b1cad1a405eb55906"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=1800
accept-ranges
bytes
content-length
1229
x-amz-cf-id
QBC8GzDe8qpy2-6Z_V1nd65rsUvhmfkMGwgJrrVrMShlADW9WGSg3g==
rrv7.js
bid.underdog.media/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bid.underdog.media/rrv7.js
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:1c00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3610e0e316ea7de842a7e924d11d705ab75906abcdaa0c79f42fbd5cb1802691

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:40:14 GMT
content-encoding
gzip
via
1.1 fa2f998214db1c6c6bdb96ceff3ce5d8.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 17:30:03 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
1898
etag
"cdfafb6ce2c92c2e4ebce33791ebc074"
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-type
application/x-javascript
cache-control
max-age=7200
accept-ranges
bytes
content-length
942
x-amz-cf-id
VYhXZQK-ugBSabEpqqKBDSwG3Ky5D_MiT1D1nQxxMd7XbGE6JQMzhA==
cdb
bidder.criteo.com/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?profileId=207&av=36&wv=8.3.0&cb=31917176414&lsavail=1
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:50 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
arj
underdogmedia-d.openx.net/w/1.0/ 		73 B
203 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=%2C%2C%2C&nocache=1691431911338&pubcid=3146f6fc-3abb-4d61-88f5-4c3e446061c4&schain=1.0%2C1!udmserve.net%2C2751%2C1%2C%2C%2C&aus=728x90%7C300x250%7C160x600%7C300x600&divids=slider-middle-728x90%2Cslider-300x250%2Cslider-160x600%2Cslider-300x600&aucs=slider-middle-728x90%2Cslider-300x250%2Cslider-160x600%2Cslider-300x600&auid=558951699%2C558951700%2C558951701%2C558951703&aumfs=120%2C120%2C120%2C120
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
a7c6f8a24a23d457bf04ea344732453843aac17115fa075e235934b019c5a164

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.casho.la
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
8ba56484afa0179850c9cd6881041becf124e2c1fb8f648b00f0ed433c1296cd
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
an-x-request-uuid
45e2d20f-e38e-440e-822e-71a2222471c4
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
471
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ 		331 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		740 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		384 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		782 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		395 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		449 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		577 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
/
go1.aniview.com/api/adserver/tag/ 		20 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://go1.aniview.com/api/adserver/tag/?AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=62ea3ab579d12c3cc207d375&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.casho.la&AV_DADPOS=1&AV_OPLACEMENT=5&AV_TAG=62ebd7e33bf98a75fe291dc5&AV_TEMPLATE=62ebcf9f165d3b6961339c66&AV_GPID=casho.la_floating_right_1&d36=6.2.121&responsive=1&sver=4&avtoken=911479&omv=1.0.1&clsid=67d1508f-ef8d-49cc-adaa-97bc2d6b3469&rando=98&AV_WIDTH=462&AV_HEIGHT=360&AV_DNT=0&cb=1691431911481&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.96.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-96-115.compute-1.amazonaws.com
Software
/
Resource Hash
8d03f90fa61a24bc58efc772d6fba14d83002059f543727701422766296bfd26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.casho.la
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 27 Jul 2023 04:25:11 GMT
track
track1.aniview.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track1.aniview.com/track?r=www.casho.la&sn=&ic=0&tgt=0&app=&wi=462&he=360&test=&d36=6.2.121&apppkg=&fv=1&proto=https&clsid=67d1508f-ef8d-49cc-adaa-97bc2d6b3469&rando=98&pid=5d8ccec528a0617cae5a0755&cid=62ea3ab579d12c3cc207d375&stagid=62ebd7e33bf98a75fe291dc5&stplid=62ebcf9f165d3b6961339c66&e=inventory&vi=61&cb=1691431911480
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.3.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-3-149.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
/
serv.vidcrunch.com/api/adserver/tag/ 		11 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv.vidcrunch.com/api/adserver/tag/?AV_TAGID=644b96f57dd612596d007c54&AV_PUBLISHERID=62d0073a5831594d4e154ea4&AV_DURATION=60&AV_VIDEOURL=https%3A%2F%2Fcdn.vidcrunch.com%2Fintegrations%2F63fde487a4e05ddd840af308%2F63fdf181a4e05d21580b04c5%2F28d04b5e521f93082f7416942366c0ce.mp4&AV_SLOTT=-2&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&AV_CHANNELID=62fbbbcc73cc6f17ea0b4625&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=servt.vidcrunch.com&pce=1&npx=1&AV_DETDOMAIN=www.casho.la&AV_DADPOS=3&AV_OPLACEMENT=1&AV_TAG=644b96f57dd612596d007c54&AV_TEMPLATE=6464d20d35dbda87cc0d79ae&AV_GPID=/62d0073a5831594d4e154ea4/644b96f57dd612596d007c54/www.casho.la&d36=6.2.121&responsive=1&sver=4&avtoken=911531&omv=1.0.1&AV_D65=Active&AV_D66=8.3.15&clsid=579bed9c-98c3-421c-a3fd-124059ea4839&rando=85&AV_WIDTH=417&AV_HEIGHT=235&AV_DNT=0&cb=1691431911534&wfc=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62d0073a5831594d4e154ea4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.211.96.115 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-211-96-115.compute-1.amazonaws.com
Software
/
Resource Hash
f621b902b9adbd352e8973dc8f7e119a1ed7ba68af5db652552bc893f470dd23

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.casho.la
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 27 Jul 2023 04:25:12 GMT
track
servt.vidcrunch.com/ 		0
97 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://servt.vidcrunch.com/track?r=www.casho.la&sn=&ic=0&tgt=0&app=&wi=417&he=235&test=&d36=6.2.121&apppkg=&fv=3&proto=https&d65=Active&d66=8.3.15&clsid=579bed9c-98c3-421c-a3fd-124059ea4839&rando=85&pid=62d0073a5831594d4e154ea4&cid=62fbbbcc73cc6f17ea0b4625&stagid=644b96f57dd612596d007c54&stplid=6464d20d35dbda87cc0d79ae&e=inventory&vi=0&cb=1691431911533
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.59.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-59-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
tbframe.js
cdn.taboola.com/shared/ Frame 31F2 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:51 GMT
x-amz-request-id
MCM1KHZQ99PATK44
age
7530
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
3cN240z7ry+s7Kwg9LeEjeQBVZMFOPLGyhDaLTZrdACRpjINdFQsHertPTbjazUY2QiiVVK8Plg=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691431912.801442,VS0,VE0
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
vary
Accept-Encoding
content-type
application/x-javascript
abp
38
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
460
tbframe.js
cdn.taboola.com/shared/ Frame 3382 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/shared/tbframe.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
0pDr76RrkFiLTlb_BYFV8nfS5Xv_eohq
content-encoding
gzip
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:51 GMT
x-amz-request-id
MCM1KHZQ99PATK44
age
7530
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
3897
x-amz-id-2
3cN240z7ry+s7Kwg9LeEjeQBVZMFOPLGyhDaLTZrdACRpjINdFQsHertPTbjazUY2QiiVVK8Plg=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Thu, 14 Apr 2016 14:04:36 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691431912.801793,VS0,VE0
etag
"0c6cdb6c2f89bf98124c3679a3412fb6"
vary
Accept-Encoding
content-type
application/x-javascript
abp
42
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
461
notifyme.php
adtrack.adleadevent.com/ 		0
918 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adtrack.adleadevent.com/notifyme.php?st=a96081b6-db78-48c4-9f82-b93e316fb1f7
Requested by
Host: ajax.googleapis.com
URL: https://ajax.googleapis.com/ajax/libs/jquery/3.0.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.35.76.22 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-35-76-22.eu-west-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:51 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 18:11:51 GMT
Server
Apache
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
https://www.casho.la
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0, no-cache="set-cookie"
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
20
Expires
Sat, 26 Jul 1997 05:00:00 GMT
75cbe9d3-638e-4fb2-b3d8-87014b4713e2
https://www.casho.la/ 		31 B
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/75cbe9d3-638e-4fb2-b3d8-87014b4713e2
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
31
Content-Type
application/javascript
12o46q643rns6rr808p0q9n746535qnr-00001.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/ 		209 KB
210 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/300k/12o46q643rns6rr808p0q9n746535qnr-00001.ts
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
f028e76c03dd9e15555e4470331e4eb44e2dfdf64d0477b897c1b497d1180efa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
214508
last-modified
Mon, 07 Aug 2023 16:45:29 GMT
server
AmazonS3
etag
"4337dabfaf969751fad072f58c7fdecc"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
hNwnGwfLmI7lM02P4p738__KIVgiF-TYLB6AYzwIlb7eo4WsTw6wwg==
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 18:11:51 GMT
pixel;r=1511805575;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fww...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1511805575;labels=Categories.personal-finance;rf=0;a=p-6Fv0cGNfc_bw8;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fwww.google.com%2F;uht=2;fpan=1;fpa=P0-988025342-1691431908233;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=casho.la;dst=0;et=1691431911626;tzo=0;ogl=locale.en_US%2Ctype.website%2Csite_name.Cashola%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fwp-content%2Fuploads%2F2022%2F09%2Fshutterstock_1608793423-1000x576%2Curl.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-%2Ctitle.Joe%20Biden%20Hints%20at%20a%20Potential%20Tax%20Hike%20on%20Oil%20Companies%20Very%20Soon%2Cdescription.Energy%20prices%20are%20still%20on%20the%20rise%20all%20over%20the%20world%20as%20countries%20continue%20to%20;ses=5aa4ccab-4003-4bf4-96a4-686a65511e3b;mdl=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=829516482;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fwww.google.com%2F;uht=2;fpan=1;fpa=P0-...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=829516482;rf=0;a=p-Pz67dCqdsHfxh;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fwww.google.com%2F;uht=2;fpan=1;fpa=P0-988025342-1691431908233;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=casho.la;dst=0;et=1691431911628;tzo=0;ogl=locale.en_US%2Ctype.website%2Csite_name.Cashola%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fwp-content%2Fuploads%2F2022%2F09%2Fshutterstock_1608793423-1000x576%2Curl.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-%2Ctitle.Joe%20Biden%20Hints%20at%20a%20Potential%20Tax%20Hike%20on%20Oil%20Companies%20Very%20Soon%2Cdescription.Energy%20prices%20are%20still%20on%20the%20rise%20all%20over%20the%20world%20as%20countries%20continue%20to%20;ses=5aa4ccab-4003-4bf4-96a4-686a65511e3b;mdl=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
pixel;r=180613315;labels=edge.1%2Csid.17661;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fwww.google.c...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=180613315;labels=edge.1%2Csid.17661;rf=0;a=p-effSsmMYCbAck;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fwww.google.com%2F;uht=2;fpan=1;fpa=P0-988025342-1691431908233;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=casho.la;dst=0;et=1691431911629;tzo=0;ogl=locale.en_US%2Ctype.website%2Csite_name.Cashola%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fwp-content%2Fuploads%2F2022%2F09%2Fshutterstock_1608793423-1000x576%2Curl.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-%2Ctitle.Joe%20Biden%20Hints%20at%20a%20Potential%20Tax%20Hike%20on%20Oil%20Companies%20Very%20Soon%2Cdescription.Energy%20prices%20are%20still%20on%20the%20rise%20all%20over%20the%20world%20as%20countries%20continue%20to%20;ses=5aa4ccab-4003-4bf4-96a4-686a65511e3b;mdl=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type
image/gif
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame A57D 		138 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
097421709739a12afd21bde2ce7d15857f7baeda2dce7479ef3bdcf7a302ef4a
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
an-x-request-uuid
11c763c3-1f6b-40f7-ab12-72ee85cce145
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A57D 		173 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e8a8a8e3530d7895d6730b80336e4c400c542cc7658a708300252a05b81e358c

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
translator
hbopenbid.pubmatic.com/ Frame A57D 		0
111 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:50 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
pbjs
htlb.casalemedia.com/openrtb/ Frame A57D 		36 B
548 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/openrtb/pbjs?s=438214
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.25.185 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8d42fdfa49b4db4b4fbffd6952f660569a7195cf9ec95efe022d232df1108730

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TXTCN7r3MNgxNnvEw%2BGTvfXpH%2BgCYMkbXpK7gGEpnT3TWu0Vv2PpkV%2FC61oK9dxrRflGsiW87JktCTr7HdnxUrLATn%2FIBn772W1uX%2Be5uulsRJJBPDH9fv%2F9GvB9ilFkf83mk17m"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
no-cache
access-control-allow-credentials
true
cf-ray
7f317c08ddf31d9a-FRA
alt-svc
h3=":443"; ma=86400
content-length
36
expires
0
unruly_prebid
targeting.unrulymedia.com/ Frame A57D 		0
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
https://www.casho.la
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
auction
tlx.3lift.com/header/ Frame A57D 		19 B
541 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=8.5.0&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tmax=3000
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.156.39.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-156-39-179.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
accept-ch
sec-ch-ua-full-version-list,sec-ch-prefers-color-scheme,sec-ch-ua-platform,sec-ch-dpr,user-agent,sec-ch-width,sec-ch-viewport-height,sec-ch-save-data,sec-ch-ect,sec-ch-ua-model,sec-ch-ua-platform-version,sec-ch-device-memory,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-full-version,sec-ch-ua-arch,sec-ch-rtt,sec-ch-ua-mobile,sec-ch-viewport-width,sec-ch-downlink
x-auction-status
17
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
hb
hb.undertone.com/ Frame A57D 		0
557 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb.undertone.com/hb?pid=3590&domain=casho.la
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.113 , United States, ASN (),
Reverse DNS
server-13-224-103-113.zrh50.r.cloudfront.net
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:51 GMT
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
server
istio-envoy
accept-ch
sec-ch-ua-platform-version,sec-ch-ua-full-version,sec-ch-ua-full-version-list,sec-ch-ua-model,sec-ch-ua-arch,sec-ch-ua-bitness,sec-ch-ua-wow64
x-amz-cf-pop
ZRH50-C1
x-cache
Miss from cloudfront
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin
https://www.casho.la
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
x-envoy-upstream-service-time
1
x-amz-cf-id
Z9pEd4Hkbjhjtaq42Dms2jcxfA77wdEw9bbg05c-yJrx1-5b3SAUvA==
expires
Mon, 26 Jul 1997 05:00:00 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame A57D 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=ZL58MvDe6LiIz&cb=0&ws=1600x1200&v=23.725.1446&t=2000&slots=%5B%7B%22kv%22%3A%7B%22irisid%22%3A%22iris_3a3ab8c6a23b5003%22%7D%2C%22id%22%3A%22standard%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!stnvideo.com%2CAasBUF7V9msOtfGMQ_QfpQ%2C1%2C%2C%2C&pubid=6c3f03cd-6fa8-4477-ac05-2c0f4f8da092&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
9PNT92DS0BGX4KYQFF5A
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
Fh4EF_89aJi00rh8gFXcPYDbPKVVKtlS0TwggFpymMWPIrpMITPn0w==
getads.htm
rt3029.infolinks.com/action/ 		144 B
294 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3029.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22o_IL_INSEARCH%22%2C%22bdc%22%3A1%2C%22prod_t%22%3A%22o%22%2C%22garc%22%3A0%2C%22sdata%22%3A%22oil%20companies%22%2C%22scs%22%3A%22Fh-Bfa_ZAB%22%7D%5D&rid=0d5caaa7-0ed9-4ad7-ab6a-b5688ed7a15c&jsv=1878.017-3.027&sr=1600X1200&rts=1691431911676&cfv=-1&ref=www.google.com%2F&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=115.0.5790.170&dv=p&ce=t&purl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=jlrtn0lARI93G70917swEIFEKRuT3kgDT8iynSj3BMYjQ5dnIfuO_Q3hV-xeF-ZlkDy9kP46nVNKrTgCZ5kx8hTlxpYqKVaOOcQpRVZEoKFYp718PW-YHeGEb8BwD0pYTGqEMsjE0bLe8B_2mPKgeFn7tor0TVe4&rsk=73&rcs=5a1ZeNkjNoqQpH2NoDP5UQ&cuid=41cfc5fd-af0a-4c14-a99e-c4c47a64fa02&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51703bb0e9d331aec6d24ea5644d5247673d98013ace3145b66376a1af59f490

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7f317c081d831ad4-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		88 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
170542634de00e486dffd3600325e2e69fb06a41c1bd54566c58a7d098bf6762
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28864
x-xss-protection
0
server
cafe
etag
304 / 19576 / 31076822 / config-hash: 5968797547309228701
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 18:11:51 GMT
intag_incontent.js
resources.infolinks.com/js/1878.017-3.027/ 		200 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1878.017-3.027/intag_incontent.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
21cfed7eb47b3b9d993cf5a71b4feb6e45c17a34e5355f197deb015ff7d877f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 08:52:53 GMT
server
cloudflare
age
4254
etag
W/"31f6c-601d8ac306e30"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317c082dc41ad4-FRA
expires
Wed, 06 Sep 2023 17:00:57 GMT
in_frame.js
resources.infolinks.com/js/1878.017-3.027/ 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/1878.017-3.027/in_frame.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4d71e245e039e2ab2210e33f77247ae8b8d1c899010a02a799ab0d5a961910b5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Tue, 01 Aug 2023 08:52:53 GMT
server
cloudflare
age
5279
etag
W/"95ba-601d8ac306a48"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317c082dc81ad4-FRA
expires
Wed, 06 Sep 2023 16:43:52 GMT
Tweet.html
platform.twitter.com/embed/ Frame B1F7 		345 B
919 B 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F335) /
Resource Hash
a636d9148b1af206baeace1b74dd84119caf7dd2beba5d2729ed6b9105af8a71

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
1427
Cache-Control
public, max-age=1800
Content-Length
345
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Aug 2023 18:11:51 GMT
Etag
"c22df39fdae6fe0e58f08aaa0da97dfe"
Last-Modified
Wed, 02 Aug 2023 23:07:30 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (via/F335)
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
X-Cache
HIT
x-amz-server-side-encryption
AES256
x-tw-cdn
VZ
img.fetch
udmserve.net/udm/ Frame A686 		0
807 B 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17661;tid=1;dt=7;p=1;rri=1691431908178_951983_80.255.7.104;mid=43264;zzz=1;version=v2.21.3;cb=0.4794156662066029;session=1;style=slider;vis=visible;traffic_info=%7B%7D;gdprApplies=true;consentGiven=false;consentData=cmpMissing
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
application/x-javascript
Date
Mon, 07 Aug 2023 18:11:51 GMT
Expires
-1d
Connection
Keep-Alive
Content-Length
0
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
edge-logo-white.png
bid.underdog.media/ 		15 KB
16 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bid.underdog.media/edge-logo-white.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:1c00:5:c4ab:c3c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 01 Aug 2023 18:07:36 GMT
via
1.1 fa2f998214db1c6c6bdb96ceff3ce5d8.cloudfront.net (CloudFront)
last-modified
Tue, 17 Nov 2020 21:08:31 GMT
server
AmazonS3
x-amz-cf-pop
ZRH55-P1
age
518656
etag
"876f68d4ff152e17573c3a8f3cc1a580"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=2592000
accept-ranges
bytes
content-length
15804
x-amz-cf-id
GShCwprvtNfoHuuFZtvuv9cXGTWPFzp7NtrlE4CVCPa0pel8yNJOvg==
mplayer_comscore_plugin.4.4.85.js
www.oo-syringe.com/prod/players/ 		39 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_comscore_plugin.4.4.85.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:2000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
0b9e3146908391fc165a5c5bb6d556d33f66fd00f5bf0ab7cc2afed2836bc07d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Thu, 13 Jul 2023 15:45:43 GMT
x-amz-version-id
PkObB5gKk6njrzS82nhbb.ZRqzEv0wud
content-encoding
gzip
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age
2168769
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Jun 2023 08:57:31 GMT
server
CloudFront
etag
W/"e972d1af74c4f75f9c4d6bb946297dfc"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
private, max-age=1800
x-amz-cf-id
xh5Km3BcyD80VCAKBOjaFczjuktp_D1JMamd6-cmHU1dHaRXfM_GZA==
unruly_prebid
targeting.unrulymedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://targeting.unrulymedia.com/unruly_prebid
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
46.228.174.115 , United Kingdom, ASN56396 (AMOBEE, GB),
Reverse DNS
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Accept-Encoding,Origin,Accept-Language,X-CSRF-Token,x-unruly-override
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://www.casho.la
access-control-max-age
1728000
content-length
0
content-type
text/plain charset=UTF-8
date
Mon, 07 Aug 2023 18:11:51 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 21:23:50 GMT
x-content-type-options
nosniff
age
161281
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 21:23:50 GMT
S6u9w4BMUTPHh7USSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh7USSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Lato:wght@300;400;500;600;700;800;900&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 05 Aug 2023 07:55:38 GMT
x-content-type-options
nosniff
age
209773
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23236
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:08:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 04 Aug 2024 07:55:38 GMT
mplayer_shaka_voltax.4.4.85.js
www.oo-syringe.com/prod/players/ 		370 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.oo-syringe.com/prod/players/mplayer_shaka_voltax.4.4.85.js
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:9000:214f:2000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
35347a100232409b89ee158c56720b5ebf3665a47b26bdac97cf99077fbdbb8b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sun, 16 Jul 2023 18:15:54 GMT
x-amz-version-id
RhFkjxAECxH9ApyAtXddbzY3zp0.0tQI
content-encoding
gzip
via
1.1 e8b17f734954ee4d46d26cf302323482.cloudfront.net (CloudFront)
age
1900557
x-amz-cf-pop
FRA53-C1
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
alt-svc
h3=":443"; ma=86400
last-modified
Sun, 04 Jun 2023 08:57:31 GMT
server
CloudFront
etag
W/"9deb651bfb4ab64c62edceb7a856c6ad"
vary
Accept-Encoding, Origin
content-type
application/x-javascript
cache-control
private, max-age=1800
x-amz-cf-id
UoIzJv5I_58zprc_uxqMnfeUkB_ZYZY6s8DnXDPHxjYDyv3_ubXRqA==
gtm.js
www.googletagmanager.com/ 		313 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
727f8ee9d236bb2ae032f811eca79283a9ef229365abd8eca25fc4892cd61887
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
87561
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 07 Aug 2023 18:11:51 GMT
ns.html
www.googletagmanager.com/ Frame 0F51 		268 B
275 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/ns.html?id=GTM-PL4PD49
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, must-revalidate
content-encoding
br
content-length
92
content-type
text/html; charset=UTF-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 18:11:51 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
vary
*
x-xss-protection
0
truncated
/ 		4 KB
4 KB 		Font
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308

Request headers

Referer
Origin
https://www.casho.la
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
application/font-woff;charset=utf-8
inventory
api-player.globalsun.io/api/publishers/log/ 		42 B
366 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api-player.globalsun.io/api/publishers/log/inventory?category_id=cca780d9c99a8c88b3cd91&item_id=3359ee452e07e723efe794&origin=https%3A%2F%2Fwww.casho.la&href=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&adserver_id=4a00b1ac96bc7941112e43
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.77.37.165 , Singapore, ASN20473 (AS-CHOOPA, US),
Reverse DNS
45.77.37.165.vultrusercontent.com
Software
/ Globalsun
Resource Hash
edb6180c914e7b38450a0a388cc86d9aa54a6cf4e6cdd87d909300983eae7988
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
strict-transport-security
max-age=15724800; includeSubDomains
x-real-ip
80.255.7.104
x-powered-by
Globalsun
etag
W/"2a-6nB6ZG7auuDmXm7JB25tu2NKVKI"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
public, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Content-Type, *
content-length
42
vidice.js
resources.infolinks.com/js/vidice/2.1/ 		282 KB
71 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://resources.infolinks.com/js/vidice/2.1/vidice.js
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d31b1ca3f9a47ef07a5458a6d8e40ec216b607a05d2e938ded9d6fe9535a2f08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:51 GMT
via
1.1 google
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 20 Mar 2023 11:31:12 GMT
server
cloudflare
age
8027
etag
W/"4674f-5f75343a1fb78"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=2592000
cf-ray
7f317c09982b1ad4-FRA
expires
Wed, 06 Sep 2023 15:58:04 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:12:09 GMT
content-encoding
gzip
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
3583
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
LL7q2IQAQdpwX9l0-AzS3VpjJXWlZ3JILXZ8nLrIuJC5C9I9ilceSA==
choice.js
cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/casho.la/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/casho.la/choice.js?tag_version=V2?timestamp=1691431911961
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8c00:9:46dc:4700:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44934c324768f6502930dcd0e56b7bcbb2eaf42925cbbc6005aa7b9ca0d9538f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
br
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
last-modified
Thu, 17 Nov 2022 11:31:49 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
x-amz-server-side-encryption
AES256
etag
W/"f6cd372ca90eb0a34b8b9c3e84703e70"
vary
Access-Control-Request-Headers,Access-Control-Request-Method,Origin,Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
application/javascript
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-amz-cf-id
ZMEf1Q3SnPcieSVlJ563FadW0jD8BtXJFyqm07gkOwKhuiX_-kbsrw==
/
bqstreamer.com/tr/ 		0
441 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bqstreamer.com/tr/
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare / PHP/5.6.40
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
x-powered-by
PHP/5.6.40
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hMb5LLdjcs3W8FSd4e9y%2FJ%2FfKvLvDj%2Fm7FKR%2FBww76J1Uy5wFZCrnulSEmwwH6fcOjTlwLu7IVdAx9ZNQLNApHltjcXxrRbryEkRBuCm7%2FFfuWv77b1Bho6HTQH6i6tvDeBB0%2BlzrMmljVzn"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
cf-ray
7f317c0b0f1a37ef-FRA
factors
factor-service.prod.voltaxservices.io/ 		47 B
577 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://factor-service.prod.voltaxservices.io/factors?mmPlayerLvl1=de:desktop:www.casho.la:chrome:windows%2010:%2f175840252270787323%2fmmplus%2fcratenetwork%2fcasho.la%2fvideo:01g11pgjq79xmbnx9c:4.4.85
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:d800:1a:7b6f:2940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
46621e3e8ea3951414e12c75438ac3f320b7f7f65ea8bd9effb837af959c4d9e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
via
1.1 abd012b9637ad93b7c9aa82d2cfb262c.cloudfront.net (CloudFront)
last-modified
Mon, 07 Aug 2023 18:11:52 GMT
server
CloudFront
x-amz-cf-pop
ZRH55-P1
vary
Accept-Encoding
access-control-allow-methods
PUT, POST, DELETE, PATCH
content-type
application/json; charset=utf-8
access-control-allow-origin
*
x-cache
Miss from cloudfront
cache-control
max-age=600
access-control-allow-headers
X-Client-Key, Origin, Content-Type, Accept, Authorization, MM-Tenant, MM-Ad-Server-Historical-Data, mmtarget
content-length
71
x-amz-cf-id
d85d9-HKweClh5_dzycPwrSBrlAQ3JTIPK4mKXevjmnzi6dV4UPPeg==
close-retina.png
ced-ns.sascdn.com/diff/templates/images/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ced-ns.sascdn.com/diff/templates/images/close-retina.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:52 GMT
Last-Modified
Wed, 20 Oct 2021 08:07:22 GMT
Server
AkamaiNetStorage
ETag
"dc45791e534223d16a4d14fa1a1a5f4e:1634717611.309945"
Content-Type
image/png
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1802
728x90.png
ads.themoneytizer.com/passback/moneytizer/ Frame 1053 		12 KB
12 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.themoneytizer.com/passback/moneytizer/728x90.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
4303af4b039a582af5ccabd4d2a66a8ea5fc8ee122d21850192876bd4ab421a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:52 GMT
x-cache
HIT
x-77-cache
HIT
x-age
51046
x-accel-date
1691380866
content-length
11915
x-77-nzt
AZySIYtcW9v/ZscAAA
pragma
public
x-accel-expires
@1691467266
last-modified
Tue, 10 Jan 2023 10:34:51 GMT
server
CDN77-Turbo
x-77-nzt-ray
cf8787275a93eab4e833d16419e5b804
content-type
image/png
cache-control
max-age=86400, public, no-transform
accept-ranges
bytes
expires
Tue, 08 Aug 2023 04:01:06 GMT
collect
region1.google-analytics.com/g/ 		0
252 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-J9WFNRQLJJ&gtm=45je3820&_p=330834980&ul=en-us&sr=1600x1200&cid=1849936587.1691431909&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=ABAI&_s=1&dl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Cashola&cn=www.casho.la&cs=ContentPlayer&sid=1691431912&sct=1&seg=0&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J9WFNRQLJJ&cx=c&_slc=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:52 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
embed.runtime.f3e57ef931459836a2c7.js
platform.twitter.com/embed/ Frame B1F7 		9 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F337) /
Resource Hash
403205d0a016454706357a3324a6d7b6b1feef3df33abb94d6059c1c4424ba0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:52 GMT
Content-Encoding
gzip
Age
413930
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
4231
Last-Modified
Wed, 02 Aug 2023 23:07:29 GMT
Server
ECS (via/F337)
Etag
"936fc01c0d5bd839161d69c487ca4cb3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.8601.9934bea25cda9d7ebe46.js
platform.twitter.com/embed/ Frame B1F7 		488 KB
160 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.8601.9934bea25cda9d7ebe46.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33C) /
Resource Hash
f1ae9c2026aa097e604015d4bd47dca4778ac704f883659be7b4b312be583342

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:52 GMT
Content-Encoding
gzip
Age
413929
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
162750
Last-Modified
Wed, 02 Aug 2023 23:07:29 GMT
Server
ECS (via/F33C)
Etag
"55504f1cfd3e8a03140f64af41f78e0b+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.Tweet.50b440782c4b1f1c8d00.js
platform.twitter.com/embed/ Frame B1F7 		16 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.Tweet.50b440782c4b1f1c8d00.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F334) /
Resource Hash
740da0b55ec85d06a7a81fdfa62a1df291cf4bad6ecddbfaab8579abcedf77aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:52 GMT
Content-Encoding
gzip
Age
413930
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
6436
Last-Modified
Wed, 02 Aug 2023 23:07:29 GMT
Server
ECS (via/F334)
Etag
"4ac7e518bb526aab2dd4e71e0beb9115+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
1634065213_mercedes-wind.m3u8
cdn.globalsun.io// 		519 B
617 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.globalsun.io//1634065213_mercedes-wind.m3u8
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
8e9361308bf11900d292b906b622c2c43e9f34938b22f2782cd9f9e200ea557f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
x-cache
HIT
x-77-cache
HIT
x-age
36132224
x-accel-date
1655299688
x-77-nzt
AcO1qhGQVVr/gFUnAg
x-accel-expires
@1970659688
last-modified
Tue, 12 Oct 2021 19:00:14 GMT
server
CDN77-Turbo
etag
W/"6165db3e-207"
x-77-nzt-ray
4c156224145989dae833d1647ddfcc10
vary
Accept-Encoding, Origin
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
https://www.casho.la
cache-control
max-age=315360000
expires
Thu, 31 Dec 2037 23:55:55 GMT
prebid.js
serv-selectmedia.com/cdn/player/prebid/7_46/ 		443 KB
142 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/cdn/player/prebid/7_46/prebid.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
bae096a3ccdce32281e4b47bc84685356430193b5b4add8069495c07df0fdcae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 09:20:28 GMT
content-encoding
gzip
age
31884
x-guploader-uploadid
ADPycdsV-6Tsm_9PQy6YH-ZXWjM2FtD1v0qJ7Gbv_6HXK3i9DJNREZWpCfkP74VpMeDRxQVtkI4qwfk5SXXR1riWP240YycE74kY
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
145081
last-modified
Wed, 24 May 2023 09:47:36 GMT
server
UploadServer
etag
"d76351402bd35ee01ac71565f5bfe414"
vary
Accept-Encoding
x-goog-generation
1684921656492403
x-goog-hash
crc32c=QR+biw==, md5=12NRQCvTXuAaxxVl9b/kFA==
access-control-allow-origin
*
access-control-expose-headers
Accept, Authorization, Content-Length, Content-Range, Content-Type, Date, Origin, Range, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public,max-age=3600
x-goog-stored-content-length
145081
accept-ranges
bytes
content-type
application/javascript
apstag.js
c.amazon-adsystem.com/aax2/ Frame A0A9 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: serv-selectmedia.com
URL: https://serv-selectmedia.com/cdn/player/selectmedia-player.umd.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:12:09 GMT
content-encoding
gzip
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
3584
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
-wUQdNUBnpC3IOqYR2ZY3gQuJOKDoqxvKy-XQMloivlMj18RY_SHoA==
pwt.js
ads.pubmatic.com/AdServer/js/pwt/95054/6114/ Frame F2E6 		226 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/95054/6114/pwt.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0408a7735a7c8494c5fe2c0b852aeaccaa6a533f30622a4aa68ad6434e2e481f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
last-modified
Sat, 29 Apr 2023 00:51:53 GMT
server
Apache
vary
Accept-Encoding
content-type
application/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=99545
accept-ranges
bytes
content-length
69645
expires
Tue, 08 Aug 2023 21:50:57 GMT
insticator-tracking.js
d2na2p72vtqyok.cloudfront.net/video-script/ Frame F2E6 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2na2p72vtqyok.cloudfront.net/video-script/insticator-tracking.js?AV_SITE_ID=50ac9f89-65c4-4944-b2af-d3f85e68452f&AV_ADUNIT_NAME=casho.la_outstream_floating&AV_ACCOUNT_UUID=6d0e06f3-ff27-4d0f-a9af-57d293176a9c
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.147.48 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-147-48.fra60.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
3b8cb670b8eb79c32a42d775b6ecd4ddf43e2eedb5a3151828eaf8be1f2b3e14

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
M9LDnBYcPByjKb89j8xzoiJZ9glfUayq
Content-Encoding
gzip
Via
1.1 24fc4e03b1de2a14f79be2422e46a318.cloudfront.net (CloudFront)
Date
Sun, 06 Aug 2023 19:55:42 GMT
X-Amz-Cf-Pop
FRA60-P4
Age
80176
x-amz-server-side-encryption
AES256
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 26 Jan 2023 19:23:38 GMT
Server
AmazonS3
ETag
W/"b0d99ce2884f118d82c9e7e3c1dcdaeb"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
X-Amz-Cf-Id
3vYtZMuZTtH4CwuB9ESUcMEAe8pMY6wUX2N5WrWyrs0k9f5UVKS7dg==
aniview
ex.ingage.tech/v1/syncPage/ Frame 987D 		25 B
193 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ex.ingage.tech/v1/syncPage/aniview?to=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1691431911851-973536490909-001235-006-009438%26biddername%3D155%26pid%3D5d8ccec528a0617cae5a0755%26key%3DINSTUID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:2954 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c85f03ee7ffd8a409d628d4b368b63454b8f70fd43c2747f88f41df5dbc23f3

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
cf-cache-status
DYNAMIC
cf-ray
7f317c0c1c7c9c0a-FRA
content-length
25
content-type
application/json; charset=utf-8
date
Mon, 07 Aug 2023 18:11:52 GMT
server
cloudflare
vary
Origin
usync.html
eus.rubiconproject.com/ Frame 5E4A
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:52 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Aug 2023 18:11:52 GMT
location
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
server
AkamaiGHost
pixel
ap.lijit.com/ Frame B831 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?us_privacy=1---&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1691431911851-973536490909-001235-006-009438%26biddername%3D18%26key%3D%24UID
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 07 Aug 2023 18:11:52 GMT
X-Sovrn-Pod
ad_ap4ams1
avpb7.51.0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F2E6 		215 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:2be::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
677bab83edbaf28095393d59cebb7929d4d06499ca6ece8081a430f0fd2efa9d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdu0_zsYOXJk6kbZNZYmDlgSpIwtMbmRMjlTYwgQXhBKn3bxynm5FFKrbJn2TSVh71DzOIwjytrO51YU0tqlqZ7UWg
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
69989
last-modified
Mon, 07 Aug 2023 11:55:06 GMT
server
UploadServer
etag
"ec83c697128796dbbb5131a176ea6699"
vary
Accept-Encoding
x-goog-generation
1691409306865027
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=Nt/FMQ==, md5=7IPGlxKHltu7UTGhdupmmQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
69989
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:21:52 GMT
avpb7.51.0a2.js
player.aniview.com/script/6.1/libs/prebid/ Frame F2E6 		65 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a2.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:2be::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
3c4a40376ae1f8018ab31ce27010176d393d2d91c3e538db9b40ab9362a35415

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycduUjq7-s-n0lC3NQbDsMNwMNIF2j_4abKtbCIV71wY33xvDoWrTL45u5hfEU5bfvc_2vkdAHbJ9orkyVMjiuco8QA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21051
last-modified
Mon, 07 Aug 2023 11:55:07 GMT
server
UploadServer
etag
"9b17e06b576120bbcc1ae31e2fd2faf6"
vary
Accept-Encoding
x-goog-generation
1691409306913962
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=ftWtXQ==, md5=mxfga1dhILvMGuMeL9L69g==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21051
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:21:52 GMT
avpb7.51.0a1.js
player.aniview.com/script/6.1/libs/prebid/ Frame F2E6 		63 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a1.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:2be::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
01c3a025b0c8fb03bc17b1bfb5d0e40ff081556e844abfb19044728a9fa1310a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdtQo4QTd0dDtuz_GEtJU6E4KBXrC67JydvVFxoxi2kuvdedBRjonEk0KjPv544BX026Gx7ZaA28EGllAEPlFttAI9irdhkF
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
21036
last-modified
Mon, 07 Aug 2023 11:55:07 GMT
server
UploadServer
etag
"166fbc7db7f0a5411d03e3d9e955855f"
vary
Accept-Encoding
x-goog-generation
1691409306897558
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=qy6QNQ==, md5=Fm+8fbfwpUEdA+PZ6VWFXw==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
21036
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:21:52 GMT
avpb7.51.0a0.js
player.aniview.com/script/6.1/libs/prebid/ Frame F2E6 		68 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a0.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:2be::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdv0FRvUY_7stsep24QnoHI06Nb9fp9__6uJ40TYcNQNaVGHopHCFKOdyGkOSwtKjI3q_oY5vunj_BpjVGiyYhlvG8nR_Wsm
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
23120
last-modified
Mon, 07 Aug 2023 11:55:07 GMT
server
UploadServer
etag
"9a18824f4165c0fda011db1a19d417c6"
vary
Accept-Encoding
x-goog-generation
1691409306866761
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=DEweTA==, md5=mhiCT0FlwP2gEdsaGdQXxg==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
23120
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:21:52 GMT
avpb7.51.0a6.js
player.aniview.com/script/6.1/libs/prebid/ Frame F2E6 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0a6.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2a02:26f0:3500:2be::2c79 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
c6bf29161757477e025d81d0e17eefd1282e6156be38bf5f50b42bee50082dd1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsBFkIPoveUWjTfbj5DPaN_MCfJf8FcLrCcU0348yo9O6XOrY-ucp2B1J0_-OrGg0qljLZDOZlCzPmXGbOxG5andw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
content-length
20047
last-modified
Mon, 07 Aug 2023 11:55:07 GMT
server
UploadServer
etag
"be166181725ab51db0a1e23e69f67cbd"
vary
Accept-Encoding
x-goog-generation
1691409307229037
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
x-goog-hash
crc32c=GlkJCg==, md5=vhZhgXJatR2woeI+afZ8vQ==
access-control-expose-headers
Content-Type
cache-control
public, max-age=600
x-goog-stored-content-length
20047
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:21:52 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame A129 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:12:09 GMT
content-encoding
gzip
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
3584
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
rEae5f3XUcxFED0lKzJeCyfzGGiPUEyQsekXXtZ4N--e4h_awCsjPQ==
s2s
s2s.aniview.com/api/adserver/ 		0
475 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://s2s.aniview.com/api/adserver/s2s?auc_id=430d038d807487994be734ee5e0c685e&wpm=&ssrtb=&pbjs=&tms=&AV_C_USER_ID=1691431911851-973536490909-001235-006-009438&AV_SECURED=1&AV_LANGUAGE=en&AV_URL=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&AV_PUBLISHERID=5d8ccec528a0617cae5a0755&AV_CHANNELID=62ea3ab579d12c3cc207d375&tgt=0&AV_SUBID=&AV_CDIM1=&AV_CDIM2=&AV_CDIM3=&AV_ABT=&TRACK_URL=track1.aniview.com&pce=1&npx=1&AV_DETDOMAIN=www.casho.la&AV_DADPOS=1&AV_OPLACEMENT=5&AV_TAG=62ebd7e33bf98a75fe291dc5&AV_TEMPLATE=62ebcf9f165d3b6961339c66&AV_GPID=casho.la_floating_right_1&d36=6.2.121&responsive=1&sver=4&avtoken=911479&omv=1.0.1&clsid=67d1508f-ef8d-49cc-adaa-97bc2d6b3469&rando=98&AV_WIDTH=462&AV_HEIGHT=360&AV_DNT=0&cb=1431912212&wfc=1&tgt=0&&AV_VI=0&AV_VID=16.75&d4=1&d5=0&AV_PLCMT=4&AV_PLACEMENT=3&AV_PLAYBACKMETHOD=&ms2s=1
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.230.93.188 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-230-93-188.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
x-bamboo-c-skst
1
content-encoding
gzip
x-bamboo-c-skfe
1
x-bamboo-c-s
BYPASS
access-control-max-age
1728000
vary
Accept-Encoding
access-control-allow-methods
GET, POST, DELETE, PUT, OPTIONS, INDEX
access-control-allow-origin
https://www.casho.la
content-type
application/json
cache-control
no-cache
access-control-allow-credentials
true
access-control-allow-headers
Keep-Alive,User-Agent,If-Modified-Since,Cache-Control,Content-Type,Authorization,X-Bamboo-Token,Event-Id,X-Requested-With
expires
Thu, 27 Jul 2023 04:25:12 GMT
vast.xml
video-ads.rubiconproject.com/video/17062/153310/1184988/201/ 		2 KB
2 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/17062/153310/1184988/201/vast.xml?tg_i.site=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-194.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 / PHP/5.4.16
Resource Hash
77ecd81d505ac0d0f87e06858604cc6a080be087583d5d53f6d46a151a0fef3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:52 GMT
Content-Encoding
gzip
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
X-Powered-By
PHP/5.4.16
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
text/xml
Access-Control-Allow-Origin
https://www.casho.la
Cache-Control
public, must-revalidate, max-age=0, s-maxage=600
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
960
Expires
Mon, 07 Aug 2023 18:11:52 GMT
hb_310028_13810.js
player.hb.selectmedia.asia/prebidlink/469842/ Frame C3B2 		924 B
773 B 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/469842/hb_310028_13810.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6abd505041779695618e41a1d76dd4457e4317712a2124bfa5580fc60403a79d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
last-modified
Fri, 04 Aug 2023 21:57:24 GMT
server
nginx
etag
W/"64cd7444-39c"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 09 Aug 2023 18:11:52 GMT
gpt.js
securepubads.g.doubleclick.net/tag/js/ Frame C3B2 		88 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
551124d27e3538d0888357d9018245e643ca0656cf609475fdecf2b895b14f1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
28864
x-xss-protection
0
server
cafe
etag
290 / 19576 / 31076763 / config-hash: 5968797547309228701
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Mon, 07 Aug 2023 18:11:52 GMT
wrapper_hb_310028_13810.js
player.hb.selectmedia.asia/prebidlink/469842/ Frame C3B2 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/469842/wrapper_hb_310028_13810.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
eb6ceeb6fad66498f4234c546dd645931bb31d1245360d9f9a86a10c76e22d73

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
last-modified
Fri, 04 Aug 2023 21:57:24 GMT
server
nginx
etag
W/"64cd7444-869"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 09 Aug 2023 18:11:52 GMT
b75d12e4-3091-4c6f-a6d9-d5deaf55fb5e
sm1.selectmedia.asia/cdn/files/ Frame C3B2 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sm1.selectmedia.asia/cdn/files/b75d12e4-3091-4c6f-a6d9-d5deaf55fb5e
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
42cab56dd4465e77898e29ece8fe8666f9f87c7dd9bd8d8b3d04acfa29df5c03

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:31:27 GMT
age
2425
x-guploader-uploadid
ADPycdtvT8rtA572C3PmbQ41dcERBEzJj-XGFed2VAMRfMEjsZzeWzUyHQ6GOujoR6QTvE1ovcAo0s3NXJOxmG_HH-6vdnKZaky3
x-goog-storage-class
STANDARD
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
38090
last-modified
Wed, 24 May 2023 12:08:15 GMT
server
UploadServer
etag
"21313ebfa74ce0eba483653286539ba1"
x-goog-generation
1684930095022719
x-goog-hash
crc32c=mWBMWg==, md5=ITE+v6dM4Oukg2UyhlOboQ==
access-control-allow-origin
*
access-control-expose-headers
Authorization, Content-Range, Accept, Content-Type, Origin, Range
cache-control
public,max-age=3600
x-goog-stored-content-length
38090
accept-ranges
bytes
content-type
image/jpeg
ubpvideos
newsbot.unibots.in/get_videos/ 		438 B
610 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://newsbot.unibots.in/get_videos/ubpvideos
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
172.105.43.230 Mumbai, India, ASN63949 (AKAMAI-LINODE-AP Akamai Connected Cloud, SG),
Reverse DNS
172-105-43-230.ip.linodeusercontent.com
Software
nginx/1.14.0 (Ubuntu) /
Resource Hash
0cf8fc27b2aad322fe040dbdd518952b047a00b50449782f8646c3276b8b77aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 07 Aug 2023 18:11:53 GMT
Server
nginx/1.14.0 (Ubuntu)
Content-Length
438
Content-Type
application/json
pwt.js
ads.pubmatic.com/AdServer/js/pwt/159753/4709/1/ Frame A34E 		254 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/pwt/159753/4709/1/pwt.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62d0073a5831594d4e154ea4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
c56fe8e86248dab9f5bd11df391c35cf45ac349aadd3b2a1df79091f4c103e90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
gzip
last-modified
Mon, 21 Jun 2021 11:25:08 GMT
server
Apache
etag
"1521081-3f9b9-5c544ed0518c4"
vary
Accept-Encoding
content-type
text/javascript
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=113913
accept-ranges
bytes
content-length
80621
expires
Wed, 09 Aug 2023 01:50:25 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 8D1C 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62d0073a5831594d4e154ea4
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:12:09 GMT
content-encoding
gzip
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront), 1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
3584
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
Kgye529UHw9-TosHBDuWbGSINRtkJoKP5Lp4Ysbv5NNRdRyWZvqGWA==
66665616
powerad.ai/vast/ 		647 B
884 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/vast/66665616
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62d0073a5831594d4e154ea4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.242.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-242-72.compute-1.amazonaws.com
Software
/ Express
Resource Hash
3988c48553d20e45c8077af08f6c5349ed3876d898c618e6eeb06937e9514260

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
etag
W/"287-SScoR2mDdLYzktsVlqdClCbunhY"
x-powered-by
Express
vary
Accept-Encoding
content-type
text/xml; charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
access-control-allow-headers
*
content-length
647
17af63a5-02f8-4f16-b861-3efcbaf40760
https://www.casho.la/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/17af63a5-02f8-4f16-b861-3efcbaf40760
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d3fff4a210d791bfd98347f39cf241cacfdbb3602b3319c6820c5a4160d8b5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
5431
Content-Type
application/javascript
467c52c3-ad6b-4eed-a30d-d2d3837d3761
https://www.casho.la/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/467c52c3-ad6b-4eed-a30d-d2d3837d3761
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1feb79de0dc55cd770e59b9f62f34da85a3f522f7b06c415218ecbb4df7f9686

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
78253
Content-Type
application/javascript
3ee54027-4905-4a95-984d-216af2eade13
https://www.casho.la/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/3ee54027-4905-4a95-984d-216af2eade13
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1feb79de0dc55cd770e59b9f62f34da85a3f522f7b06c415218ecbb4df7f9686

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
78253
Content-Type
application/javascript
ads
pubads.g.doubleclick.net/gampad/ Frame C7A7 		3 KB
966 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F21760922134%2C22500435788%2Fca-video-pub-4090704406626496-tag%2Fviads.casho.la&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=282904009061423&&_timestamp=1691431910717&vpa=auto&vpmute=1&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&sdki=445&ptt=20&adk=1369229360&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=D391841B-D43D-43EB-8439-86230AABF824&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=5037&dt=1691431912537&cookie_enabled=1&scor=3188084528220219&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a825ce1448f104c47e29c13867f75401aa63fbffdc03b762da37debcffcfd1a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
939
x-xss-protection
0
google-lineitem-id
0
pragma
no-cache
server
cafe
google-creative-id
0
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 6426 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame B701 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 41EA 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524505
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CE60 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2135
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
collect
q.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:11:52 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
/
ssc-cms.33across.com/ps/ Frame 3665 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bpjP6uza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP015 /
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
server
33XP015
x-33x-status
2000208
/
ssc-cms.33across.com/ps/ Frame 87F8 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=d5jv24zaar7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP016 /
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
server
33XP016
x-33x-status
2000208
async_usersync.html
acdn.adnxs.com/dmp/ Frame 6E88 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:11:52 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Aug 2023 18:11:54 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
/
ads.us.e-planning.net/uspd/1/ Frame F47C 		3 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
32f13b82c3a29f0a81f283519fdff7befd91bf2d810bd4eb929c32a0b86c5440

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache
content-encoding
gzip
content-type
text/html
date
Mon, 07 Aug 2023 18:11:52 GMT
expires
Mon, 07 Aug 2023 18:11:52 GMT
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
server
openresty
x-sid
AMS-929
d
ic.tynt.com/r/ Frame B28F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ic.tynt.com/r/d?m=xch&rt=html&gdpr=0gdpr_consent=&us_privacy=&ru=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D304056%26extuid%3D33XUSERID33X%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D%26gpp%3D%5Breplace_me%5D%26gpp_sid%3D%5Breplace_me%5D
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.33 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip33.67-202-105.static.steadfastdns.net
Software
nginx/1.16.1 /
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
"no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false"
date
Mon, 07 Aug 2023 18:11:52 GMT
expires
"Sat, 26 Jul 1997 05:00:00 GMT"
p3p
CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"
server
nginx/1.16.1
sync.html
public.servenobid.com/ Frame 8315 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.120 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-120.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
25470
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Mon, 07 Aug 2023 11:07:23 GMT
etag
W/"cba3476b12cba88403393b498cdbcb0a"
last-modified
Wed, 02 Aug 2023 17:35:11 GMT
server
AmazonS3
vary
Accept-Encoding Origin
via
1.1 f7d063966b06905209f8790f5fd607e2.cloudfront.net (CloudFront)
x-amz-cf-id
5803n5LI5WLqDSqFthn5NBKB50PAIctlvEJDxLFBh9_7NmKDJAWd6g==
x-amz-cf-pop
FRA56-P5
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:31ab35ea-5a5c-48f0-b2fb-f30c51be3ea7
x-amz-meta-codebuild-content-md5
72eb3bf796cfb76b935cf7988fe9dbf6
x-amz-meta-codebuild-content-sha256
54752e6f134e9a3b5264f5fce48201b016c1d763a4f3777fb3c64f249a8a0f94
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
sync.html
s.adtelligent.com/ Frame 0533 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.adtelligent.com/sync.html?aid=651796
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.151.202 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
https://www.casho.la
Connection
Keep-Alive
Content-Encoding
gzip
Content-Length
874
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:52 GMT
Server
Adtelligent
X-Robots-Tag
noindex
/
ssc-cms.33across.com/ps/ Frame A8AE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=bHj7xyza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP018 /
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
server
33XP018
x-33x-status
2000208
/
csync.smilewanted.com/ Frame EE8A 		6 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f317c0e1c1f1c9d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:52 GMT
server
cloudflare
vary
Accept-Encoding
usync.html
eus.rubiconproject.com/ Frame 6AE0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:52 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 58C4 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
onetag-sys.com/usync/ Frame DA1D 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=59a18369e249bfb
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame 08EE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=aiQovMzaer7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP020 /
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
server
33XP020
x-33x-status
2000208
cookie
cm.adform.net/ Frame 1429 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D743293%26extuid%3D%24UID%26gdpr%3D%5Breplace_me%5D%26gdpr_consent%3D%5Breplace_me%5D
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 07 Aug 2023 18:11:52 GMT
server
nginx
/
ssc-cms.33across.com/ps/ Frame 6094 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=btze1Sza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP002 /
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
server
33XP002
x-33x-status
2000208
isyn
prebid.a-mo.net/ Frame BFBF 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/isyn?gdpr_consent=&gdpr=0&us_privacy=&gpp=&gpp_sid=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, private, must-revalidate
date
Mon, 07 Aug 2023 18:11:52 GMT
server
envoy
vary
Accept-Encoding
x-envoy-upstream-service-time
0
iframe
sync.missena.io/ Frame 83B4 		36 KB
12 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/iframe
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
53e42eac2910d072b26f840249769d3d2158019bf5e2616f98ba1023dff5b88d

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Encoding
br
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Aug 2023 18:11:52 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:11:52 GMT
Pragma
no-cache
Transfer-Encoding
chunked
Vary
Accept-Encoding Origin
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E9C7 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142515
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 07 Aug 2023 18:11:52 GMT
expires
Wed, 09 Aug 2023 09:47:07 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
csync
sync.adtelligent.com/ Frame 881D
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D733849%26extuid%3D%24UID
  • https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5730477144318325021
43 B
456 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5730477144318325021
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:52 GMT
Etag
98bc15074146f0fd
Server
Adtelligent

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
d9ef23e2-ce92-4010-8ee4-a9adfbd21b82
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:11:52 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.adtelligent.com/csync?t=a&ep=733849&extuid=5730477144318325021
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
/
onetag-sys.com/usync/ Frame 560B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1691431909232
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
ssc-cms.33across.com/ps/ Frame AF97 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&ru=deb&id=byadUMza8r7ikjrkHcnnVW&gdpr_consent=undefined&us_privacy=undefined&gpp=&gpp_sid=
Requested by
Host: ads.themoneytizer.com
URL: https://ads.themoneytizer.com/moneybid8_6/build_noconsent/dist/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
67.202.105.21 , United States, ASN32748 (STEADFAST, US),
Reverse DNS
ip21.67-202-105.static.steadfastdns.net
Software
33XP004 /
Resource Hash

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
server
33XP004
x-33x-status
2000208
prebid
b1h.zemanta.com/usersync/ 		26 B
127 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://b1h.zemanta.com/usersync/prebid
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:52 GMT
Content-Length
26
Content-Type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Zw4GL6aFpv7EIrJ3&instance=214862936&version=7.20.1&age=230807&ldt=BIDS&key=nydEIVUv&c_id=13327&seq=1&order=5&vIndex=0&absoluteTime=7566.9&relativeTime=4739.3&sm_id=2924987&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8786&load=1&status=LVFNMNIY&ac_id=2008&bidIndex=1&prebid.cid=0&prebid.bidders.appnexus.time=813.6&prebid.bidders.rubicon.time=1120.6&prebid.bidders.pubmatic.time=1117.4&prebid.bidders.ix.time=1115.8&prebid.bidders.unruly.time=802.8&prebid.bidders.triplelift.time=1113&prebid.bidders.undertone.time=1112.3&prebid.start=6438.1&prebid.time=1126.7&prebid.timeout=3000&adIndex=-1
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-9-3.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
usync.js
eus.rubiconproject.com/ Frame 5E4A 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25471
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
usync.js
eus.rubiconproject.com/ Frame 6AE0 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:52 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25471
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
pixelSync
pixel.sitescout.com/dmp/ Frame F47C 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dc1ab0a3ba8e76a50
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.241 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:52 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
pbs.gif
sync.admanmedia.com/ Frame F47C 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dc1ab0a3ba8e76a50%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
prebid
rtb.openx.net/sync/ Frame F47C 		43 B
245 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dc1ab0a3ba8e76a50%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
via
1.1 google
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
lotame20220615.js
s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/ Frame F47C 		566 B
521 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.2 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
s.e-planning.net
Software
openresty /
Resource Hash
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
last-modified
Wed, 15 Jun 2022 16:21:31 GMT
server
openresty
etag
W/"62aa070b-236"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 05 Aug 2028 18:11:53 GMT
um
u-ams03.e-planning.net/ Frame F47C
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dc1ab0a3ba8e76a50%26uid%3D%24UID
  • https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=c1ab0a3ba8e76a50&uid=5730477144318325021
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=c1ab0a3ba8e76a50&uid=5730477144318325021
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 07 Aug 2023 18:11:53 GMT
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
an-x-request-uuid
480b6520-d4f1-451e-a4f9-f2c1b55f3fc9
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://u-ams03.e-planning.net/um?dc=8103fa85295fbe60&fi=c1ab0a3ba8e76a50&uid=5730477144318325021
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
um
u-ams03.e-planning.net/ Frame F47C
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De64f73568d2b3c34%26fi%3Dc1ab0a3ba8e76a50%26uid%3D%24UID&partner=eplanning
  • https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=c1ab0a3ba8e76a50&uid=ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=c1ab0a3ba8e76a50&uid=ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 07 Aug 2023 18:11:54 GMT
content-type
image/gif

Redirect headers

location
https://u-ams03.e-planning.net/um?dc=e64f73568d2b3c34&fi=c1ab0a3ba8e76a50&uid=ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
cache-control
no-store
content-length
0
expires
0
us
sync.go.sonobi.com/ Frame F47C 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/us?loc=%0A%0Ahttps%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3De52415579699e09f%26fi%3Dc1ab0a3ba8e76a50%26uid%3D%5BUID%5D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-199
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
um
u-ams03.e-planning.net/ Frame F47C
Redirect Chain
  • https://cookies.nextmillmedia.com/sync?type=image&gdpr={{.GDPR}}&gdpr_consent={{.GDPRConsent}}&us_privacy={{.USPrivacy}}&redirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fuid%3D%5BNMUID%5D%26dc%...
  • https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c1ab0a3ba8e76a50
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c1ab0a3ba8e76a50
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Redirect headers

location
https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c1ab0a3ba8e76a50
date
Mon, 07 Aug 2023 18:11:53 GMT
server
fasthttp
content-length
0
sync
x.bidswitch.net/ Frame F47C 		43 B
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=eplanning
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
config
c.amazon-adsystem.com/cdn/prod/ 		2 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.casho.la&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.casho.la
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
2353
x-amz-cf-id
NU6kb7SPu7_CBBhLbcEZwx81kY1o-ripGKmEFKXtxZAfNA8X7E_ejQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 06:23:09 GMT
x-amz-cf-pop
FRA56-P3
age
42524
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
vwEIDDjvB2W6hq70rG-yoiyJxNg7MCaObOq1-_m1jUsWhqH8s4VSgw==
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 494C 		1 MB
308 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
8047cea60dd022529264f03872a2a2d70483d6acd89ce89203dbda6fe6db3831

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
UI45ePJtqik0cRpJ.BZlgiOPNVRsSTGt
content-encoding
gzip
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:53 GMT
x-amz-request-id
QHHB3V83V6M42N2X
age
4295
x-amz-server-side-encryption
AES256
x-cache
HIT
x-from-cache
1
x-envoy-upstream-service-time
10
x-amz-replication-status
FAILED
content-length
314852
x-amz-id-2
rtliX5HgFzlj1MmTvmvDqvcSJJQG5Mi0aUfsz6tQF0L3bKi2rJUgc5TlRhN56zrwKTHJ/Dgx+vg=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Mon, 07 Aug 2023 16:17:39 UTC
server
nginx
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691431913.009072,VS0,VE2
etag
"b62eac4e6f344f75b6f17bb19e4c97f6a585a4ed"
vary
Accept-Encoding, Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
abp
10
cache-control
private,max-age=14400
accept-ranges
bytes
x-cache-hits
1
loader.js
cdn.taboola.com/libtrc/themonetizer-network/ Frame 5E3B 		1 MB
314 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/shared/tbframe.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
37d216fb94deeb991226ff72c80fe650495c62c483d95cd5e3c7fff622f623fc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
UI45ePJtqik0cRpJ.BZlgiOPNVRsSTGt
content-encoding
gzip
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:53 GMT
x-amz-request-id
18PV5AS3WB4AX6J6
age
4965
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
FAILED
fastly-restarts
2
x-amz-id-2
48UoxZUaO+Y3aisZ4j0EsiOoGORU1u80dpqdfpXzFmtO23caJ4Es/O9AUnWrN4ln1SXJX5NfJ2c=
x-served-by
cache-fra-eddf8230058-FRA
content-length
321403
last-modified
Thu, 03 Aug 2023 15:18:09 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691431913.057635,VS0,VE0
etag
"252c8125a39440081e6d911d65c76913"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
39
access-control-allow-origin
*
cache-control
private,max-age=14401
accept-ranges
bytes
x-cache-hits
138
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A0A9 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 06:23:09 GMT
x-amz-cf-pop
FRA56-P3
age
42525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
jqM18Rz6ad4KNjJGXUOWFxIZzfDK8PcRmnLvX9UXGscKHjBs88I0NQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A129 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 06:23:09 GMT
x-amz-cf-pop
FRA56-P3
age
42525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
-psbd5cXv-VMSNxe2LRqT3Hne9pxVYlTQgLYai6UcbDuNuLGEUL9tQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame A129 		2 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.casho.la&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
f834273cdff28daf8bd2192b12ac3bbe356344adac6fe2c4844062e764b775dd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:52 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.casho.la
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
1707
x-amz-cf-id
14rJjiOwK4OomPfzGkvMcWs7sDeqYyCJK5OxrNktwrm_DQZtnl28jA==
13926
g2.gumgum.com/usync/ Frame 8513 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.77.46.237 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-77-46-237.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
2ba6e3077a30bc1be85a169b3635968baa0c225631a3d72cf35616ffccb29d73

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 07 Aug 2023 18:11:53 GMT
etag
W/"0db1af83227864e0fbdbcb3bbba9b72f6"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 07F5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 1F94 		944 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
25345c6a3e4ea39d186b6b47a930fbb4af45ba036948a90f0d73ddb28543ecd9

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
944
content-type
text/html
date
Mon, 07 Aug 2023 18:11:52 GMT
usermatch
ssum-sec.casalemedia.com/ Frame C161 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
3a0728ad59948b915d36817449cb4d72ca83be5fcab2f8ce4f3ddd6884d9cf41

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1738
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:11:53 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usync.html
eus.rubiconproject.com/ Frame 630C
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=duration_media&endpoint=us-east
  • https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:53 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Aug 2023 18:11:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 0A66 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142514
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 07 Aug 2023 18:11:53 GMT
expires
Wed, 09 Aug 2023 09:47:07 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
sync-iframe
cs-rtb.minutemedia-prebid.com/ Frame C202 		0
527 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-rtb.minutemedia-prebid.com/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D348%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:223f:e800:1f:4c18:bd40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 07 Aug 2023 18:11:53 GMT
server
istio-envoy
via
1.1 1fd323b9134f7d940dac0d007036a604.cloudfront.net (CloudFront)
x-amz-cf-id
d6T7OSkjlDvKLJKhLF4_YGO5WzW94CNxfryXRLKQie26LfRwZi4VQg==
x-amz-cf-pop
FRA56-P5
x-cache
Miss from cloudfront
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
user-sync
sync.adkernel.com/ Frame 7290 		0
160 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adkernel.com/user-sync?zone=181225&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D152%26uid%3D%7BUID%7D&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
77.245.57.72 , United States, ASN36057 (WEBAIR-INTERNET-MTL, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Age
0
Cache-Control
no-store
Connection
close
Content-Length
0
Date
Mon, 07 Aug 2023 18:11:53 GMT
Pragma
no-cache
Server
nginx
sync-iframe
cs-server-s2s.yellowblue.io/ Frame 4474 		0
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D352%26uid%3D%7BpartnerId%7D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
34.194.30.69 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-194-30-69.compute-1.amazonaws.com
Software
istio-envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, X-WL-CONF,X-Requested-With
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://public.servenobid.com/
content-length
0
content-type
text/html
date
Mon, 07 Aug 2023 18:11:53 GMT
server
istio-envoy
x-envoy-upstream-service-time
0
x-reason
could not perform CS due to GDPR policy: gdpr is not applied
sync
ads.servenobid.com/ Frame 8315
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=5730477144318325021
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=5730477144318325021
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
an-x-request-uuid
bf6aa666-8f27-4f95-ac22-6c81e10a6d94
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://ads.servenobid.com/sync?pid=312&uid=5730477144318325021
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 8315
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D&dnr=1
  • https://ads.servenobid.com/sync?pid=310&uid=HHMDrRZHne9662hFSBakQJZZ
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=HHMDrRZHne9662hFSBakQJZZ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:53 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=HHMDrRZHne9662hFSBakQJZZ
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap3ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 8315 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 07 Aug 2023 18:11:53 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 8315
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1691431913383
  • https://ad.turn.com/r/cs?pid=45&rndcb=1998988680
  • https://sync.1rx.io/usersync/turn/7266735936752934681?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003?redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3DRX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003
  • https://ads.servenobid.com/sync?pid=321&uid=RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003
0
361 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=321&uid=RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=321&uid=RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003
date
Mon, 07 Aug 2023 18:11:56 GMT
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
etag
RX454fa167f27e4ceebc7e385eecb31b3a003
content-type
text/html
sync
ads.servenobid.com/ Frame 8315
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5107433829258782300
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5107433829258782300
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5107433829258782300
Date
Mon, 07 Aug 2023 18:11:53 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 8315 		0
500 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
69.166.1.12 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:53 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
go-iad-2-5-199
Content-Type
text/plain; charset=utf8
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 8315
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
0
252 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=&us_privacy=1YN-&gdpr=0
date
Mon, 07 Aug 2023 18:11:52 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
0
server
envoy
content-length
0
occ
ups.analytics.yahoo.com/ups/58559/ Frame 8315 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58559/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
ads.servenobid.com/ Frame 8315
Redirect Chain
  • https://ssp.disqus.com/redirectuser?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D346%26uid%3DBUYERUID
  • https://ads.servenobid.com/sync?pid=346&uid=ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=346&uid=ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=346&uid=ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
cache-control
no-store
content-length
0
expires
0
occ
ups.analytics.yahoo.com/ups/58632/ Frame 8315 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58632/occ
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
v1
match.sharethrough.com/universal/ Frame 8315 		0
35 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/universal/v1?supply_id=KW3eSFMR&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.126.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-126-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
sync
ads.servenobid.com/ Frame 8315
Redirect Chain
  • https://hbx.media.net/cksync.php?cs=1&type=pbs&ovsid=setstatuscode&bidder=medianet&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D353%26uid%3D%3Cvsid%3E
  • https://ads.servenobid.com/sync?pid=353&uid=0000EEA
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

pragma
no-cache
strict-transport-security
max-age=86400 ; includeSubDomains, max-age=604800
date
Mon, 07 Aug 2023 18:11:53 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
location
https://ads.servenobid.com/sync?pid=353&uid=0000EEA
content-type
text/html
cache-control
max-age=0, no-cache, no-store
content-length
154
x-mnet-hl2
E
expires
Mon, 07 Aug 2023 18:11:53 GMT
pbs.gif
sync.admanmedia.com/ Frame 8315 		20 B
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
8.2.110.24 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
Content-Type
text/plain
usync.html
eus.rubiconproject.com/ Frame 7C8F
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:53 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Aug 2023 18:11:53 GMT
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
server
AkamaiGHost
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 04E8 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142514
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 07 Aug 2023 18:11:53 GMT
expires
Wed, 09 Aug 2023 09:47:07 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame B479 		2 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
6941af6b6a21b9b440e46d437f45073261d42980a9c5aecaa6a02d5b54c4459e

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
1567
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:11:53 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame E495 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
max-age=157680000
cf4age
84227
cf4ttl
157680000.000
content-length
1525
content-type
text/html
date
Mon, 07 Aug 2023 18:11:53 GMT
etag
"61ddbb71-5f5"
expires
Mon, 24 Apr 2028 15:30:46 GMT
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
server
CFS 0215
x-cf-reqid
7850fc7c463ca99e62451ff1bfd5999d
x-cf-tsc
1682607275
x-cf1
29080:fK.fra2:co:1585621119:cacheN.fra2-01:H
x-cf2
H
x-cf3
H
x-cff
B
/
onetag-sys.com/usync/ Frame AA42 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame A8D8 		8 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d541acd1c5d80fde9d99e833f3a0a065ab1b4d0961fb9734b822963aa299a6a
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
cf-cache-status
DYNAMIC
cf-ray
7f317c11fa2537ca-FRA
content-encoding
br
content-type
text/html
date
Mon, 07 Aug 2023 18:11:53 GMT
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
via
1.1 google
x-content-type-options
nosniff
1634065213_mercedes-wind0.ts
cdn.globalsun.io// 		607 KB
608 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.globalsun.io//1634065213_mercedes-wind0.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d4ffe2ab79652288e40fde6e2a25c64be911ec70f21d339f21422f9264fabe7f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:53 GMT
x-cache
HIT
x-77-cache
HIT
x-age
880438
x-accel-date
1690551475
content-length
621340
x-77-nzt
AcO1qhGo0Mf/Nm8NAA
x-accel-expires
@1691588275
last-modified
Tue, 12 Oct 2021 19:00:13 GMT
server
CDN77-Turbo
etag
"97b1c-5ce2c748f8940"
x-77-nzt-ray
4c156224145989dae933d164ca258a10
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.casho.la
accept-ranges
bytes
getads.htm
rt3029.infolinks.com/action/ 		133 B
199 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3029.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IF_LEFT%22%2C%22bdc%22%3A2%2C%22prod_t%22%3A%22f%22%2C%22garc%22%3A0%2C%22as%22%3A%22160*600%22%2C%22nom%22%3A2%2C%22sdata%22%3A%22american%22%2C%22scs%22%3A%22k_7EVbwWv9%22%7D%5D&rid=0d5caaa7-0ed9-4ad7-ab6a-b5688ed7a15c&jsv=1878.017-3.027&sr=1600X1200&rts=1691431913265&cfv=-1&ref=www.google.com%2F&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=115.0.5790.170&dv=p&ce=t&purl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=jlrtn0lARI93G70917swEIFEKRuT3kgDT8iynSj3BMYjQ5dnIfuO_Q3hV-xeF-ZlkDy9kP46nVNKrTgCZ5kx8hTlxpYqKVaOOcQpRVZEoKFYp718PW-YHeGEb8BwD0pYTGqEMsjE0bLe8B_2mPKgeFn7tor0TVe4&rsk=73&rcs=5a1ZeNkjNoqQpH2NoDP5UQ&cuid=41cfc5fd-af0a-4c14-a99e-c4c47a64fa02&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
38d35cbc5b832e7d8ee709041dcf0bf7111a865069d0461a298a7d9b01682112

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7f317c120eb01ad4-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt3029.infolinks.com/action/ 		137 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3029.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE0%22%2C%22bdc%22%3A3%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A4%2C%22maw%22%3A665%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22aapalgo%5C%22%2C%5C%22top%5C%22%3A2936%2C%5C%22left%5C%22%3A270%2C%5C%22isAboveFold%5C%22%3A0%7D%22%2C%22sdata%22%3A%22news%22%2C%22scs%22%3A%22v6YRhMBo1j%22%7D%5D&rid=0d5caaa7-0ed9-4ad7-ab6a-b5688ed7a15c&jsv=1878.017-3.027&sr=1600X1200&rts=1691431913281&cfv=-1&ref=www.google.com%2F&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=115.0.5790.170&dv=p&ce=t&purl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=jlrtn0lARI93G70917swEIFEKRuT3kgDT8iynSj3BMYjQ5dnIfuO_Q3hV-xeF-ZlkDy9kP46nVNKrTgCZ5kx8hTlxpYqKVaOOcQpRVZEoKFYp718PW-YHeGEb8BwD0pYTGqEMsjE0bLe8B_2mPKgeFn7tor0TVe4&rsk=73&rcs=5a1ZeNkjNoqQpH2NoDP5UQ&cuid=41cfc5fd-af0a-4c14-a99e-c4c47a64fa02&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
efb2de97fd12878832f5d8fac4a7de5af3403187b9e96d678c41b6f3018c5b85

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7f317c122ef21ad4-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
getads.htm
rt3029.infolinks.com/action/ 		151 B
212 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3029.infolinks.com/action/getads.htm?hks=%5B%7B%22lid%22%3A%22IL_IN_ARTICLE1%22%2C%22bdc%22%3A4%2C%22prod_t%22%3A%22a%22%2C%22miw%22%3A4%2C%22maw%22%3A665%2C%22mih%22%3A12%2C%22mah%22%3A2400%2C%22capara%22%3A%22%7B%5C%22successfulAlgo%5C%22%3A%5C%22aapalgo%5C%22%2C%5C%22top%5C%22%3A3096%2C%5C%22left%5C%22%3A270%2C%5C%22isAboveFold%5C%22%3A0%7D%22%2C%22sdata%22%3A%22bill%20gates%20twitter%22%2C%22scs%22%3A%22qSqMwWHCFQ%22%7D%5D&rid=0d5caaa7-0ed9-4ad7-ab6a-b5688ed7a15c&jsv=1878.017-3.027&sr=1600X1200&rts=1691431913285&cfv=-1&ref=www.google.com%2F&cb=getAdsResponse&os=Windows&ov=10&br=Chrome&bv=115.0.5790.170&dv=p&ce=t&purl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tzo=-0000&c=c&strg=true&sua=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D&rsd=jlrtn0lARI93G70917swEIFEKRuT3kgDT8iynSj3BMYjQ5dnIfuO_Q3hV-xeF-ZlkDy9kP46nVNKrTgCZ5kx8hTlxpYqKVaOOcQpRVZEoKFYp718PW-YHeGEb8BwD0pYTGqEMsjE0bLe8B_2mPKgeFn7tor0TVe4&rsk=73&rcs=5a1ZeNkjNoqQpH2NoDP5UQ&cuid=41cfc5fd-af0a-4c14-a99e-c4c47a64fa02&hbnr=false
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
308828e4dac643d094958767d331361a1e795580943554f39f0bd8ad782808ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
p3p
CP="NON DSP NID OUR COR"
content-language
de-DE
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7f317c122ef61ad4-FRA
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
dcl.htm
rt3029.infolinks.com/action/ 		0
60 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rt3029.infolinks.com/action/dcl.htm?rid=0d5caaa7-0ed9-4ad7-ab6a-b5688ed7a15c&jsv=1878.017-3.027&capara=%7B%22mode%22%3A%22default%22%2C%22markers%22%3A2%7D
Requested by
Host: resources.infolinks.com
URL: https://resources.infolinks.com/js/1878.017-3.027/ice.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
172.66.42.247 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
text/html;charset=UTF-8
cache-control
no-cache,no-store
cf-ray
7f317c122ef71ad4-FRA
content-length
0
x-application-context
application:prod
expires
Thu, 01 Jan 1970 00:00:00 GMT
comScore-JS-6.2.3.180328.min.js
bucket1.mm-syringe.com/lib/ 		156 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://bucket1.mm-syringe.com/lib/comScore-JS-6.2.3.180328.min.js
Requested by
Host: www.oo-syringe.com
URL: https://www.oo-syringe.com/prod/players/mplayer_comscore_plugin.4.4.85.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:214f:1000:3:64bd:d2c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Sat, 22 Jul 2023 03:04:28 GMT
content-encoding
gzip
via
1.1 78c402b74e65ae12b398b6b957ab229e.cloudfront.net (CloudFront)
x-amz-version-id
UP2tnScyf0IkbIh1GVgoQZiM5AlMQNdo
last-modified
Sun, 31 Mar 2019 15:57:40 GMT
server
CloudFront
x-amz-cf-pop
FRA53-C1
age
1436846
etag
W/"18a99636882ae65fbb2e600e276380ca"
vary
Accept-Encoding, Origin
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age= 31536000
alt-svc
h3=":443"; ma=86400
x-amz-cf-id
MY0LLWENR64IP7NpGueRjKLTQMR02zFYXZ7cn88VEleSEMedNrejOg==
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/ 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js?cb=31076822
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 10:36:22 GMT
content-encoding
br
x-content-type-options
nosniff
age
27331
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129393
x-xss-protection
0
server
cafe
etag
2294886439466480038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 06 Aug 2024 10:36:22 GMT
01fa41qrk1qm09newsxv
drm.mmvideosvc.com/v1.0/regulation/ 		52 B
325 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://drm.mmvideosvc.com/v1.0/regulation/01fa41qrk1qm09newsxv?origin=www.casho.la
Requested by
Host: vms-players.minutemediaservices.com
URL: https://vms-players.minutemediaservices.com/01g11pgjq79xmbnx9c.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:fa00:1a:eb05:4900:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
CloudFront /
Resource Hash
49aba4768cafaa9b64d8626e2cc5ff2b5df75b7975f74bbd20f388febf968277

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Tue, 16 May 2023 15:41:52 GMT
via
1.1 2aefdd231d9806ea2eced3399f411f80.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
ZRH55-P1
age
7180201
x-cache
Hit from cloudfront
content-type
application/json
access-control-allow-origin
*
content-length
52
x-amz-cf-id
bua9Z-CMgkfPwRuQ7tlHaq-eihY7j2vF_hVxyDRxDVK0vykbckLs4g==
embed.749.467388cca0b3fe9c3291.js
platform.twitter.com/embed/ Frame B1F7 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.749.467388cca0b3fe9c3291.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33A) /
Resource Hash
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:53 GMT
Content-Encoding
gzip
Age
413931
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
6789
Last-Modified
Wed, 02 Aug 2023 23:07:29 GMT
Server
ECS (via/F33A)
Etag
"d3483b9c737e990765e6ba56d01154a3+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.i18n.en-js.6f17855ce00c810739c7.js
platform.twitter.com/embed/ Frame B1F7 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.i18n.en-js.6f17855ce00c810739c7.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F33C) /
Resource Hash
aaf8348fad3676d3d62c09c1a92f11d075643f798d1a3516b4a34cf9eb127862

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:53 GMT
Content-Encoding
gzip
Age
413930
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
1532
Last-Modified
Wed, 02 Aug 2023 23:07:29 GMT
Server
ECS (via/F33C)
Etag
"5b5cbc6ad9092f6f21500a609c1aa00b+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
platform.twitter.com/embed/ Frame B1F7 		35 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.horizon-web.i18n.en-js.d681a6dcae4601184824.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F347) /
Resource Hash
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:53 GMT
Content-Encoding
gzip
Age
413931
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
11289
Last-Modified
Wed, 02 Aug 2023 23:07:29 GMT
Server
ECS (via/F347)
Etag
"df117930505b95292615fd76b0e9369c+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 8D1C 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 9e1b24b39ac8b669f996f1e7907eb696.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 06:23:09 GMT
x-amz-cf-pop
FRA56-P3
age
42525
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
gaXQPp8f196gj9c8_QzFalniMDtujHdk7NpqZuOHsMcSxVQp6URSoQ==
config
c.amazon-adsystem.com/cdn/prod/ Frame 8D1C 		0
300 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.casho.la&pubid=24b39613-fd0f-4009-9189-976a7d9bfd3d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.casho.la
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
7T_tnp5c0Mm3GMMkeRc86_ibrrGQUolP1xF0_oudZmNETJ7TcIJbxQ==
integrator.js
adservice.google.com/adsid/ 		107 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.casho.la
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
content-type
application/javascript; charset=UTF-8
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
100
x-xss-protection
0
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 07 Aug 2023 18:26:53 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=288
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR6ZEGAGSH9EK3S
age
6758
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7f317c142f09918e-FRA
x-amz-id-2
YYdcwitRr3DHNt7NQm1+Sg902LJSB4f7qhP3lwSODEZFT62tqhOtbf8uahKDj8SpjLadVWf2scE=
id5-api.js
cdn.id5-sync.com/api/1.0/ 		111 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
QGNMJRCNX2F6Z540
age
2654
etag
W/"850654f90e2ec1863b605c4395898e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f317c142801364a-FRA
x-amz-id-2
j5ld6KzwPFVU6Rd930exz0a+X/1LLWbV02RrXUIIY/rFcwprRyXb/YEotYzHtILzQ99P5qOF8T4=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 07 Aug 2023 18:26:53 GMT
quant.js
secure.quantserve.com/ 		22 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/casho.la/choice.js?tag_version=V2?timestamp=1691431911961
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
etag
"sLp6xTjO7svFVaOemhLWUQ=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Mon, 14 Aug 2023 18:11:53 GMT
rules-p-Hwnr8j7tWA3Nu.js
rules.quantcount.com/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-Hwnr8j7tWA3Nu.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:b400:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:29:53 GMT
content-encoding
gzip
via
1.1 ff571229df9f46b01b0e434bcb36f9e6.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH55-P1
age
2520
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
last-modified
Thu, 13 Oct 2022 23:45:13 GMT
server
AmazonS3
etag
W/"25e2d4f54b5bb37c6c82b554454ef41a"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-cf-id
pPp-5tXV6uJWTLwtm7Ug7bFNJWn8tko-geT7JGOcqPgrc4pbLNa8EA==
cmp2.js
cmp.quantcast.com/tcfv2/ 		178 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/cmp2.js?referer=casho.la
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/choice/Hwnr8j7tWA3Nu/casho.la/choice.js?tag_version=V2?timestamp=1691431911961
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8c00:9:46dc:4700:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:50:39 GMT
content-encoding
br
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
1274
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
last-modified
Wed, 19 Jul 2023 15:20:42 GMT
server
AmazonS3
etag
W/"1746c81073fb3adcecce59e604b48427"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=3600
x-amz-meta-qc-ineu
True
vary
Accept-Encoding
x-amz-cf-id
zl92VLw1_RSR7Us9THZNewtJHzg3UYk6MHaFywtIV_tq1ELeHj_kaA==
pixel;r=598953789;source=choice;rf=3;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fwww.google.com%2F;uht=2;...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=598953789;source=choice;rf=3;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fwww.google.com%2F;uht=2;fpan=1;fpa=P0-988025342-1691431908233;pbc=;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=casho.la;dst=0;et=1691431913516;tzo=0;ogl=locale.en_US%2Ctype.website%2Csite_name.Cashola%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fwp-content%2Fuploads%2F2022%2F09%2Fshutterstock_1608793423-1000x576%2Curl.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-%2Ctitle.Joe%20Biden%20Hints%20at%20a%20Potential%20Tax%20Hike%20on%20Oil%20Companies%20Very%20Soon%2Cdescription.Energy%20prices%20are%20still%20on%20the%20rise%20all%20over%20the%20world%20as%20countries%20continue%20to%20;ses=5aa4ccab-4003-4bf4-96a4-686a65511e3b;mdl=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
hbp_master_310028_13810.js
player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/ Frame C3B2 		456 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/469842/hb_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
6df27c0bb63c6f0de7e1f3af6d264829ef436bcb7057b271514a58a5ba4c2fd8

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
last-modified
Sun, 09 Jul 2023 14:29:59 GMT
server
nginx
etag
W/"64aac467-72057"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 09 Aug 2023 18:11:53 GMT
bid
aax.amazon-adsystem.com/e/dtb/ Frame A129 		64 B
502 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=Hb31TkdFe9fqc&cb=0&ws=1600x1200&v=23.725.1446&t=8000&slots=%5B%7B%22id%22%3A%22Insticator_Large_Video_Player%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!insticator.com%2C6d0e06f3-ff27-4d0f-a9af-57d293176a9c%2C1%2C%2C%2C&pubid=70fb13d1-ab65-42ac-a7ca-0b4e680d5c92&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
RF5ZPD1D4NAAT45EF4J2
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
64
x-amz-cf-id
F-KOQM1AvKurap4e5Z8OAyLubEZOUf3ZRRerlD_OVz4OcTqqczUMZQ==
decode_consent.js
static.smilewanted.com/js/decode_consent/ Frame EE8A 		48 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.smilewanted.com/js/decode_consent/decode_consent.js
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smilewanted.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
strict-transport-security
max-age=31536000; includeSubDomains
x-content-type-options
nosniff
cf-cache-status
HIT
content-encoding
gzip
age
289885
x-xss-protection
1; mode=block
referrer-policy
strict-origin
last-modified
Thu, 15 Apr 2021 17:11:55 GMT
server
cloudflare
etag
W/"607873db-c1ce"
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=315360000
cf-ray
7f317c140e2e1c9d-FRA
expires
Thu, 31 Dec 2037 23:55:55 GMT
12o46q643rns6rr808p0q9n746535qnr.m3u8
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		1 KB
828 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/12o46q643rns6rr808p0q9n746535qnr.m3u8
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
203cb1741183a16bc13973efbc3192fe59dc63a2b8f47ea83ae9eba220c87184

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
gzip
via
1.1 84294257ed643a88ee54d2e3f7d7ccea.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
last-modified
Mon, 07 Aug 2023 16:45:13 GMT
server
AmazonS3
etag
W/"51c8512058e526d15bb20a26a71c4454"
vary
Accept-Encoding,Origin
access-control-allow-methods
GET, HEAD, POST
content-type
application/x-mpegURL
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
x-amz-cf-id
WNy6r0iCaaTHFnRtSeQmsgDGXizwanaXTTx-_NnFw-jJM3qTvVM2ZQ==
getuid
ib.adnxs.com/ Frame A8D8 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=de781c70-8abd-41e2-bb1c-2f7efc458b85&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=de781c70-8abd-41e2-bb1c-2f7efc458b85&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c1ae8c937ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 07 Aug 2023 18:11:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?cid=de781c70-8abd-41e2-bb1c-2f7efc458b85&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
/
dmp.adform.net/serving/cookie/match/ Frame A8D8 		0
453 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame A8D8 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361&gdpr=1&gdpr_consent=
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cm
trc.taboola.com/sg/zeotap/1/ Frame A8D8 		0
146 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
8
date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 varnish
x-served-by
cache-fra-eddf8230058-FRA
server
nginx
x-timer
S1691431914.104330,VS0,VE8
x-fastly-to-nlb-rtt
7724
x-cache
MISS
accept-ranges
bytes
content-length
0
x-service-version
v1
x-cache-hits
0
u
dmp.v.fwmrm.net/ad/ Frame A8D8 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f600:4cde:8aa:915a:85c4 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Content-Type
text/html
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame A8D8 		0
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 07 Aug 2023 18:11:52 GMT
content-length
0
content-type
text/html; charset=UTF-8
genericusersync.ashx
sync.tidaltv.com/ Frame A8D8 		0
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:24:b001:fe02:48a4:8f13:7b81 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
awselb/2.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
server
awselb/2.0
content-length
0
content-type
text/plain; charset=utf-8
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=f6444ad7-dcbb-43a3-6164-527de0307f44&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=f6444ad7-dcbb-43a3-6164-527de0307f44&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=81369816083266467084416187206224719126&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=81369816083266467084416187206224719126&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c265a1f37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v050-072458abe.edge-irl1.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
U22XxZmnSXQ=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=81369816083266467084416187206224719126&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame A8D8 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.254.143.3 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-254-143-3.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=f6444ad7-dcbb-43a3-6164-527de0307f44&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2023080720-95187-0.306285001691431914-8141d2d9c428da24afcddd269c4beeb2&zdid=533&env=mWeb
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2023080720-95187-0.306285001691431914-8141d2d9c428da24afcddd269c4beeb2&zdid=533&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c1cfba337ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2023080720-95187-0.306285001691431914-8141d2d9c428da24afcddd269c4beeb2&zdid=533&env=mWeb
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7264644754048153739&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7264644754048153739&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c1ae8d937ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7264644754048153739&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame A8D8 		95 B
436 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=f6444ad7-dcbb-43a3-6164-527de0307f44
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.113.62 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
62.113.111.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
content-type
image/png
access-control-allow-origin
*
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
95
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%...
  • https://mwzeom.zeotap.com/mw?webouuid=.D6KMcnVO6EkFATit6PWGu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-40...
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=.D6KMcnVO6EkFATit6PWGu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c25f97637ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 google
last-modified
Mon, 07 Aug 2023 18:11:55 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
location
https://mwzeom.zeotap.com/mw?webouuid=.D6KMcnVO6EkFATit6PWGu&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame A8D8 		0
84 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f6444ad7-dcbb-43a3-6164-527de0307f44&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.15.245.83 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
no-store, no-cache, must-revalidate
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=f6444ad7-dcbb-43a3-6164-527de0307f44?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c1dcccc37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
cache-control
no-cache
x-server
10.45.11.159
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://ups.analytics.yahoo.com/ups/58697/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-fu0Lwr1E2oqlaBg3XIg9Hnzl_z00Ba5JrQ--~A&zpartnerid=570&env=mWeb
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-fu0Lwr1E2oqlaBg3XIg9Hnzl_z00Ba5JrQ--~A&zpartnerid=570&env=mWeb
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c27ec8a37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=y-fu0Lwr1E2oqlaBg3XIg9Hnzl_z00Ba5JrQ--~A&zpartnerid=570&env=mWeb
date
Mon, 07 Aug 2023 18:11:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=aAxU2eTvcjk%2BYIeFPqpESQ00RC3T%2FsjV%2BS41iYitP1U%3D
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=aAxU2eTvcjk%2BYIeFPqpESQ00RC3T%2FsjV%2BS41iYitP1U%3D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c1dac9137ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
server
AAWebServer
access-control-allow-methods
GET, POST, OPTIONS
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=aAxU2eTvcjk%2BYIeFPqpESQ00RC3T%2FsjV%2BS41iYitP1U%3D
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires
0
v2
odr.mookie1.com/t/ Frame A8D8 		42 B
213 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2?tagid=V2_746632&src.visitorId=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.236.64 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
64.236.160.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 google
last-modified
Tue, 28 Jun 2022 14:08:50 GMT
server
nginx
etag
"62bb0b72-2a"
content-type
image/gif
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
usermatch.gif
beacon.krxd.net/ Frame A8D8 		0
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.154.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-154-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
beacon-n021-dub-prod.krxd.net
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
private, no-cache, no-store
x-request-time
D=32 t=1691431914
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame A8D8 		95 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=f6444ad7-dcbb-43a3-6164-527de0307f44&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/png
date
Mon, 07 Aug 2023 18:11:50 GMT
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZNEz6gAAAyP6cAA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1...
95 B
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZNEz6gAAAyP6cAA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c248f0537ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

x-served-by
cache-fra-eddf8230055-FRA
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 varnish
server
Jetty(9.4.35.v20201120)
x-timer
S1691431915.584626,VS0,VE94
x-cache
MISS
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
access-control-allow-origin
*
location
https://mwzeom.zeotap.com/mw?zpartnerid=876&env=mWeb&cid=ZNEz6gAAAyP6cAA4&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
cache-control
no-cache
accept-ranges
bytes
content-length
0
x-cache-hits
0
usermatch.gif
beacon.krxd.net/ Frame A8D8
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
  • https://mwzeom.zeotap.com/mw?zpartnerid=768&cid=PuKnXcfW&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=f6444ad7-dcbb-43a3-6164-527de0307f44
0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=f6444ad7-dcbb-43a3-6164-527de0307f44
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
52.31.154.19 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-154-19.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
beacon-n019-dub-prod.krxd.net
date
Mon, 07 Aug 2023 18:11:56 GMT
cache-control
private, no-cache, no-store
x-request-time
D=27 t=1691431916
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
text/html; charset=utf-8
location
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=f6444ad7-dcbb-43a3-6164-527de0307f44
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c267a4937ca-FRA
access-control-allow-headers
*
dcm
aax-eu.amazon-adsystem.com/s/ Frame A8D8
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6444ad7-dcbb-43a3-6164-527de0307f44&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-616...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6444ad7-dcbb-43a3-6164-527de0307f44&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-616...
43 B
568 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6444ad7-dcbb-43a3-6164-527de0307f44&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361&dcc=t
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
YWHTZQ2B9NK57X8530MM
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
GJVCPPPB40K55HAW08KQ
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=f6444ad7-dcbb-43a3-6164-527de0307f44&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame A8D8 		0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.23.197.190 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-23-197-190.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
content-length
0
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df64...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c25f97337ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
date
Mon, 07 Aug 2023 18:11:55 GMT
cross-origin-resource-policy
cross-origin
content-length
0
mw
mwzeom.zeotap.com/ Frame A8D8
Redirect Chain
  • https://pixel.rubiconproject.com/token?pid=41544&puid=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de030...
  • https://mwzeom.zeotap.com/mw?cid=LL16VXOA-J-28RP&env=mWeb&zpartnerid=1770&gdpr=1
95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=LL16VXOA-J-28RP&env=mWeb&zpartnerid=1770&gdpr=1
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c26aa9137ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=LL16VXOA-J-28RP&env=mWeb&zpartnerid=1770&gdpr=1
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
syncd
x.bidswitch.net/ Frame A8D8 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/syncd?dsp_id=461&user_group=1&expires=5&user_id=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BBSW_UID%7D%26env%3DmWeb%26zpartnerid%3D1771%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Df6444ad7-dcbb-43a3-6164-527de0307f44%26reqId%3D38fda47c-e072-408c-557d-1c1a7fcc7962%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
mw
mwzeom.zeotap.com/ Frame A8D8 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1353&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c1d7c6737ca-FRA
access-control-allow-headers
*
content-length
95
cmp.min.js
spl.zeotap.com/ Frame A8D8 		557 B
475 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9e7bd772ed55a5541ea3beb163b4d4c0db05e8a05e65203d222436d5e8ed92ba
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
content-encoding
br
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
7f317c170a7e37ca-FRA
access-control-allow-headers
*
usync.js
eus.rubiconproject.com/ Frame 630C 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=duration_media&endpoint=us-east
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25470
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
collect
www.google-analytics.com/j/ 		3 B
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=330834980&t=pageview&_s=1&dl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dr=https%3A%2F%2Fwww.google.com%2F&ul=en-us&de=UTF-8&dt=Cashola&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=Partners&cm=MMPlus&_u=aGDAgEABAAAAACAAI~&jid=1411303358&gjid=2143371689&cid=1849936587.1691431909&tid=UA-23669758-34&_gid=1878985784.1691431909&_slc=1&gtm=45He3820n81PL4PD49&cg1=MMPlus%20partner&cd7=MMPlus%20partner&cd33=www.casho.la&cd35=462%3A260&cd38=video&cd54=Lifestyle&cd55=MM%2B%20%7C%20CrateNetwork%20%7C%20cookingfanatic.com&cd59=10%20sec&cd60=auto%20play&cd91=1&cd92=1&z=106694173
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		1 B
344 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-23669758-34&cid=1849936587.1691431909&jid=1411303358&gjid=2143371689&_gid=1878985784.1691431909&_u=aGDAgEABAAAAAGAAI~&z=15218774
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
date
Mon, 07 Aug 2023 18:11:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 17:49:45 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
1328
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Mon, 07 Aug 2023 19:49:45 GMT
destination
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/destination?id=G-PEGZJDQ1BR&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PL4PD49
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
4fd845c831faf59bbc1493acb8d896841a78c590473d10bcb7ee0ae16d5978fb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85829
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 07 Aug 2023 18:11:53 GMT
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&aip=1&a=330834980&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dr=https%3A%2F%2Fwww.google.com%2F&dp=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&ul=en-us&de=UTF-8&dt=Cashola&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&cs=Partners&cm=MMPlus&ec=MMVideo&ea=vplayer%20video%20player%20embed&el=player_load%3D4835.10009765625%3Bplayer_script_req%3D-1&_u=aGDAAEABAAAAAGAAIC~&jid=124479058&gjid=187117381&cid=1849936587.1691431909&tid=UA-23669758-34&_gid=1878985784.1691431909&_r=1&gtm=45He3820n81PL4PD49&cg1=MMPlus%20partner&cd7=MMPlus%20partner&cd33=www.casho.la&cd35=462%3A260&cd38=video&cd54=Lifestyle&cd55=MM%2B%20%7C%20CrateNetwork%20%7C%20cookingfanatic.com&cd59=10%20sec&cd60=auto%20play&cd91=2&cd92=2&cd93=none&cd94=none&cd23=%2F175840252%2C270787323%2FMMPlus%2FCrateNetwork%2Fcasho.la%2FVideo&cd25=no&cd26=4.4.85&cd28=Lifestyle&cd34=crate-network&cd39=crate-network&cd40=vplayer&cd41=01g11pgjq79xmbnx9c&cd42=none&cd43=none&cd44=yes&cd45=0&cd46=yes&cd47=0%20-%209&cd48=no&cd50=01g11pjh9my1w3p971&cd51=yes&cd52=none&cd53=0&cd95=none&cd100=0&cd102=time%20in%20process%3D4%20milliseconds&cd104=https%3A%2F%2Fwww.google.com%2F&cd106=mmPlus%20GTM%20event%20to%20GA&cd107=Injection&cd108=MMPlus&cd110=4835.10009765625&cd113=none&cd114=none&cd119=none&cd126=none&z=535565410
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame C161
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gpp=&gpp_sid=
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gpp=&gpp_sid=&dcc=t
43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gpp=&gpp_sid=&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
NH4S31NMTVW1XDH81Q2F
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
PNRPYAFZ50FHWQ0KQQNW
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gpp=&gpp_sid=&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
usermatchredir
ssum-sec.casalemedia.com/ Frame C161
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
  • https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESED6s5KU3UcnMilB_BjFYWCE&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESED6s5KU3UcnMilB_BjFYWCE&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&gdpr_consent=&gdpr=&gpp=&gpp_sid=&google_gid=CAESED6s5KU3UcnMilB_BjFYWCE&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
364
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame C161
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=ZNEz5XO7nUUIDozwdqgEWAAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPJunaKdEOgKzLaYPx62OWY&google_cver=1
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPJunaKdEOgKzLaYPx62OWY&google_cver=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEPJunaKdEOgKzLaYPx62OWY&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
314
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame C161 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
sync
x.bidswitch.net/ Frame C161 		43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=index
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.184.249.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif
user-registering
ads.stickyadstv.com/ Frame C161 		43 B
650 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/user-registering?dataProviderId=1025&userId=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.123 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-123.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1691431914249063-521
Expires
Mon, 07 Aug 2023 18:11:54 GMT
crum
dsum-sec.casalemedia.com/ Frame C161
Redirect Chain
  • https://euexchangesync.digitaleast.mobi/usersync/index.gif?us_privacy=&gdpr=&gdpr_consent=&gpp=&gpp_sid=
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a8191d79-fbcb-48c4-a1c6-367c56cc7306
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a8191d79-fbcb-48c4-a1c6-367c56cc7306
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=498
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=11&external_user_id=a8191d79-fbcb-48c4-a1c6-367c56cc7306
date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
131
content-type
text/html; charset=utf-8
ix
ad4m.at/ad/sim/ Frame C161 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad4m.at/ad/sim/ix
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:bd1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame C161 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
usync.js
eus.rubiconproject.com/ Frame 7C8F 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:53 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25470
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5730477144318325021
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5730477144318325021
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
an-x-request-uuid
f56bcce3-e17d-4b99-a5a5-3ad05821a359
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5730477144318325021
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 8513
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://u.ipw.metadsp.co.uk/sync?ssp=bidswitch&bidswitch_ssp_id=gumgum2&bsw_user_id=${BSW_USER_UD}&bsw_param=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=&us_privacy=1---
  • https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=affb49e9-0cc2-4344-98f0-bafc04e15f9c
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=affb49e9-0cc2-4344-98f0-bafc04e15f9c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
18.184.249.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

location
https://x.bidswitch.net/sync?dsp_id=339&expires=14&gdpr=1&gdpr_consent=&user_group=0&user_id=&ssp=gumgum2&bsw_param=affb49e9-0cc2-4344-98f0-bafc04e15f9c
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
no-cache, no-store, must-revalidate
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
syncPlatform
sync.outbrain.com/ Frame 8513
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_58c06190-b932-416d-b42a-7097546f8393&obuid=ENC(gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b...
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:57 GMT
Cache-Control
no-cache
X-TraceId
a3ef090f19b77042be063338a7771310
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0
Date
Mon, 07 Aug 2023 18:11:57 GMT
X-TraceId
c6e6c045b1a62633b2595e0f4d9c9a56
Content-Length
0
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://us-u.openx.net/w/1.0/cm?cc=1&_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=c7d895af-660a-4a86-8d38-b3bce6401937
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=c7d895af-660a-4a86-8d38-b3bce6401937
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:55 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
location
https://usersync.gumgum.com/usersync?b=opx&i=c7d895af-660a-4a86-8d38-b3bce6401937
p3p
CP="CUR ADM OUR NOR STA NID"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-23274dc7-b2a5-5112-533c-a9899e314bea$ip$80.255.7.104
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-23274dc7-b2a5-5112-533c-a9899e314bea$ip$80.255.7.104
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-23274dc7-b2a5-5112-533c-a9899e314bea$ip$80.255.7.104
Date
Mon, 07 Aug 2023 18:11:54 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-f7sL4CJE2pdPSMetCmdiGaApWvl340zboCw3~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-f7sL4CJE2pdPSMetCmdiGaApWvl340zboCw3~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 07 Aug 2023 18:11:54 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-f7sL4CJE2pdPSMetCmdiGaApWvl340zboCw3~A
content-length
0
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=8c48c19e-9d22-4c9e-97fa-763d6825accb
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=8c48c19e-9d22-4c9e-97fa-763d6825accb
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=8c48c19e-9d22-4c9e-97fa-763d6825accb
Date
Mon, 07 Aug 2023 18:11:54 GMT
Connection
keep-alive
X-CI-RTID
593fc583-e268-48d5-ac77-84406cb29ca9
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:55 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 07 Aug 2023 18:11:54 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://g2.gumgum.com/
x-varnish
1024300844
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 8513 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=OI2Qe5kWumjVtXy0CPzd&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT2T2JGJIWKNLLK52W22SWORMHSMCDKB5GI...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=OI2Qe5kWumjVtXy0CPzd&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=OI2Qe5kWumjVtXy0CPzd&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:57 GMT
Content-Type
text/html; charset=utf-8
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=OI2Qe5kWumjVtXy0CPzd&us_privacy=1---
P3p
CP="We do not support P3P header."
Cache-Control
no-cache, no-store, must-revalidate
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=36b73796-ef19-4f27-a528-af0524e6a54d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=36b73796-ef19-4f27-a528-af0524e6a54d
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=36b73796-ef19-4f27-a528-af0524e6a54d
access-control-allow-origin
*
date
Mon, 07 Aug 2023 18:11:54 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=BGHQuwwB62a8&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=BGHQuwwB62a8&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:55 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=BGHQuwwB62a8&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-sf7cf
expires
-1
usersync
usersync.gumgum.com/ Frame 8513
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=7640565164426888160
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=7640565164426888160
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:55 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=7640565164426888160
date
Mon, 07 Aug 2023 18:11:54 GMT
content-length
0
sync
ads.servenobid.com/ Frame 8513 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_58c06190-b932-416d-b42a-7097546f8393
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
crum
dsum-sec.casalemedia.com/ Frame B479
Redirect Chain
  • https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5730477144318325021
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5730477144318325021
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
43
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
an-x-request-uuid
126fa6e8-37c9-4f44-ba45-b731939ef38c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=5730477144318325021
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame B479 		43 B
601 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB?gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/55940/ Frame B479 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB&gdpr_consent=&us_privacy=&gdpr=&gpp=&gpp_sid=
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rum
dsum-sec.casalemedia.com/ Frame B479
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7338793530790862617
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7338793530790862617
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=496
Content-Length
43
Expires
0

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=7338793530790862617
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame B479
Redirect Chain
  • https://p.rfihub.com/cm?in=1&pub=2079
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433829258782300
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433829258782300
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=57&external_user_id=5107433829258782300
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
crum
dsum-sec.casalemedia.com/ Frame B479
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=CASALE&rurl=https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=_wfivefivec_
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6UW7pphb1Qt4HU5
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6UW7pphb1Qt4HU5
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Strict-Transport-Security
max-age=2592000; includeSubDomains
Server
PingMatch/v2.0.30-785-gcf3d607#rel-ec2-master i-0cf754cf2c3fcf8db@eu-central-1a@dxedge-app-eu-central-1-prod-asg
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=47&external_user_id=6UW7pphb1Qt4HU5
Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT
bridge
cm.adgrx.com/ Frame B479 		43 B
283 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
server
Cowboy
content-type
image/gif
p3p
CP="NOI OTC OTP OUR NOR"
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
x-realserver-nx
ams-delivery-5
content-length
43
expires
Thu, 23 Sep 2004 17:42:04 GMT
crum
dsum-sec.casalemedia.com/ Frame B479
Redirect Chain
  • https://ums.acuityplatform.com/tum?umid=8
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=810617862598
43 B
632 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=810617862598
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:55 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=497
Content-Length
43
Expires
0

Redirect headers

access-control-allow-origin
*
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=10&external_user_id=810617862598
content-length
0
um
u-ams03.e-planning.net/ Frame B479 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams03.e-planning.net/um?dc=99e41df815fd80b4&fi=c1ab0a3ba8e76a50&uid=ZNEz5XO7nUUIDozwdqgEWAAA%263200
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 07 Aug 2023 18:11:54 GMT
content-type
image/gif
missena
sync.missena.io/ Frame 58B5 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/missena?gdpr=0
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sync.missena.io/iframe
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:53 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:11:53 GMT
Pragma
no-cache
Vary
Origin
event
event.insticator.com/v1/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.77.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-77-144.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-type
application/json

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:54 GMT
access-control-allow-credentials
true
content-length
0
vary
Origin
event
event.insticator.com/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://event.insticator.com/v1/event?event_name=event_adunit-load
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.205.77.144 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-205-77-144.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
POST
access-control-allow-origin
https://www.casho.la
access-control-max-age
3600
content-length
0
date
Mon, 07 Aug 2023 18:11:54 GMT
vary
Origin
36b73796-ef19-4f27-a528-af0524e6a54d
sync.missena.io/improvedigital/ Frame 0021
Redirect Chain
  • https://ad.360yield.com/server_match?gdpr=0&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?gdpr=0&partner_id=2157&r=https%3A%2F%2Fsync.missena.io%2Fimprovedigital%2F%7BPUB_USER_ID%7D
  • https://sync.missena.io/improvedigital/36b73796-ef19-4f27-a528-af0524e6a54d
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/improvedigital/36b73796-ef19-4f27-a528-af0524e6a54d
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:53 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:11:53 GMT
Pragma
no-cache
Vary
Origin

Redirect headers

access-control-allow-origin
*
content-length
0
content-type
text/plain
date
Mon, 07 Aug 2023 18:11:53 GMT
location
https://sync.missena.io/improvedigital/36b73796-ef19-4f27-a528-af0524e6a54d
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
auction
prebid-server.rubiconproject.com/openrtb2/ 		186 B
473 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
24cb9d7dfaceaa25230f3bcee6159c5142c268287208a2a828e0be4f733c1fb8

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
176
Expires
0
prebid
ib.adnxs.com/ut/v3/ 		137 B
811 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
d2f565233f40683b02ba363b1ba6fd9aac63658aaf9774e0c0990b8eb42103c6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
an-x-request-uuid
0b21f3a5-9747-4f4b-8c05-6a07cc39b3a6
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
137
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebidjs
rtb.openx.net/openrtbb/ 		53 B
202 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://rtb.openx.net/openrtbb/prebidjs
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
/
Resource Hash
69a872436abaa1fa039f2403e0dc297dbc75f15f3eb043f7170b0deae14728f3

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
via
1.1 google
vary
Origin
content-type
text/plain
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
77
auction
prebid-server.rubiconproject.com/openrtb2/ 		184 B
471 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e21d2f9fd8b8a086c08dbb3c92e5f972bbae6addc1e8915931536190651af480

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
174
Expires
0
bid
ap.lijit.com/rtb/ 		24 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.51.0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash
e3c1729dcac85fe1ff03bf4245c725185ee0960cb5ae6a8a81fc0f8991433a50

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Aug 2023 18:11:53 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.casho.la
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ 		138 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
7a0e1c4547b0e5c56646d22245fac6ea1264ce16e8a7582e3822c3fe6b7706b6
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
an-x-request-uuid
9b9a7f9a-729c-480c-890d-ba37be3b3ff5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
trinity.json
apex.go.sonobi.com/ 		95 B
874 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%2214151b49d4db3e9%22%3A%22d8e2fe71fbb9e3171c7f%7C462x360%7Cf%3D0.6%2Cgpid%3Dcasho.la_floating_right_1%2Cc%3Dv%2C%22%7D&ref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&s=341ab61b-490f-485e-bb46-c6e3ece8d049&pv=1f82c164-b464-4d46-bc10-8e4d99ca28b7&vp=mobile&lib_name=prebid&lib_v=7.51.0&us=5&iqid=null&fpd=%7B%22site%22%3A%7B%22domain%22%3A%22www.casho.la%22%2C%22publisher%22%3A%7B%22domain%22%3A%22casho.la%22%7D%2C%22page%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.google.com%2F%22%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22osv%22%3A%2210%22%2C%22geo%22%3A%7B%22lat%22%3A51.2993%2C%22type%22%3A2%2C%22country%22%3A%22DEU%22%2C%22ipservice%22%3A3%2C%22lon%22%3A9.491%7D%2C%22carrier%22%3A%22Core-Backbone%22%2C%22make%22%3A%22Google%22%2C%22ppi%22%3A45%2C%22pxratio%22%3A1%2C%22connectiontype%22%3A0%2C%22devicetype%22%3A2%2C%22ip%22%3A%2280.255.7.104%22%2C%22os%22%3A%22Windows%22%2C%22model%22%3A%22Chrome%22%2C%22lmt%22%3A0%7D%7D&ius=1&schain=%7B%22complete%22%3A1%2C%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22insticator.com%22%2C%22sid%22%3A%226d0e06f3-ff27-4d0f-a9af-57d293176a9c%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
69.166.1.8 , United States, ASN27630 (AS-XFERNET, US),
Reverse DNS
Software
sonobi-go /
Resource Hash
c08eb3aa2fa224e9aa0b74be8dff21c42d70325a43f4a2f8f4552da660e67797
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
gzip
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-6-161
content-type
application/json
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, private
access-control-allow-credentials
true
tcn
Choice
content-length
120
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
usync.html
eus.rubiconproject.com/ Frame 1087
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=missena&endpoint=eu&gdpr=0
  • https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:53 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Aug 2023 18:11:53 GMT
location
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0
server
AkamaiGHost
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2224b39613-fd0f-4009-9189-976a7d9bfd3d%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ Frame 8D1C 		43 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2224b39613-fd0f-4009-9189-976a7d9bfd3d%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
651FEENCT1HVK7MHDXKM
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
HZG8DqCKPMZKYEJKcQPMjJfLmjRfrYPbltOLeFKTbixnoTdEIwe4lw==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 8D1C 		23 B
459 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=F6pZrlISPhQUL&cb=0&ws=1600x1200&v=23.725.1446&t=8000&slots=%5B%7B%22id%22%3A%22VidCrunch_Video_Desktop%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!vidcrunch.com%2C62d0073a5831594d4e154ea4%2C1%2C%2C%2C&pubid=24b39613-fd0f-4009-9189-976a7d9bfd3d&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
TMV04DWJDYC7AV7SQERQ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
gpcaz5YurbyEdGaHgzvimuu7tWLi_mMmfY1U_RPGQb_EcH2C8rw85w==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2224b39613-fd0f-4009-9189-976a7d9bfd3d%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ Frame 8D1C 		43 B
414 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2224b39613-fd0f-4009-9189-976a7d9bfd3d%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 841da31399fe7f7e7065c840a22fae0a.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
8T601BSZ6EAZDHET9JWV
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
NaCTAjU2oMTUXywn8S1y7CYfsCzmZmgENq1-c7CN8fY-2N2LD2tUbQ==
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 1204 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142514
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 07 Aug 2023 18:11:53 GMT
expires
Wed, 09 Aug 2023 09:47:07 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
tr5
cdn.taboola.com/libtrc/ Frame 494C 		3 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/tr5?abgroup=split-bugfix-v2_ctrl
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-eddf8230058-FRA
date
Mon, 07 Aug 2023 18:11:53 GMT
via
1.1 varnish
server
Varnish
x-timer
S1691431914.810189,VS0,VE0
x-cache
HIT
content-type
text/html
access-control-allow-origin
*
cache-control
private,max-age=14400
accept-ranges
bytes
content-length
3
retry-after
0
x-cache-hits
0
impl.20230801-7-RELEASE.js
cdn.taboola.com/libtrc/ Frame 494C 		792 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230801-7-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
febf1b681599d7a9795aca2b5de06fd30743a60d10731706469d128b7a6df153

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
H8FaBTytl21JpkjeoK2.UV5W3AI_D.7M
content-encoding
br
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:53 GMT
x-amz-request-id
6K5A7QY4NF473PX2
age
14719
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
167580
x-amz-id-2
/O976ZuY+Ql/SvulswAOSyImE62GR2H0BioQ/RSZPqQf17MbPvhSET2fSZFvYd/KvDPrrSPAQvc=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Tue, 01 Aug 2023 12:36:17 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691431914.823017,VS0,VE0
etag
"9e8e0f42e971e9e56e0f1d36abf5d409"
vary
Accept-Encoding
content-type
application/javascript
abp
7
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
52
sync
ads.servenobid.com/ Frame 1F94 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=7640565164426888160&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 1F94
Redirect Chain
  • https://sync.adotmob.com/cookie/smart?r=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D66%26partneruserid%3D%7Bamob_user_id%7D&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=096922040378bc1b4ec1b12f&gdpr=0&gdpr_consent=
43 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=096922040378bc1b4ec1b12f&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=66&partneruserid=096922040378bc1b4ec1b12f&gdpr=0&gdpr_consent=
date
Mon, 07 Aug 2023 18:11:53 GMT
access-control-allow-credentials
true
x-powered-by
Express
keep-alive
timeout=5
vary
Origin
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 1F94
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=560288&ev=1&rurl=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D92%26partneruserid%3D%25%25VGUID%25%25&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ZDXVYrqtkN5A&ev=1&pid=560288&gdpr_consent=&gdpr=0
43 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ZDXVYrqtkN5A&ev=1&pid=560288&gdpr_consent=&gdpr=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=92&partneruserid=ZDXVYrqtkN5A&ev=1&pid=560288&gdpr_consent=&gdpr=0
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-glscr
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame 1F94 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=smart-adserver&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
/
rtb-csync.smartadserver.com/redir/ Frame 1F94
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?uid=627080440e659fbe0f85333c665ae1de&name=SMARTADSERVER&url=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D117%26partnerus...
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=f98f03a63ac7d4d615f6bb042ec2d483&gdpr=0&gdpr_consent=0
43 B
450 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=f98f03a63ac7d4d615f6bb042ec2d483&gdpr=0&gdpr_consent=0
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.138.151 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:53 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
location
https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=117&partneruserid=f98f03a63ac7d4d615f6bb042ec2d483&gdpr=0&gdpr_consent=0
p3p
CP="CAO PSA OUR"
cache-control
no-cache, no-store, must-revalidate
x-envoy-upstream-service-time
3
content-length
0
expires
0
43646921-d1d4-4001-a4eb-1zz1691431910
sync.missena.io/richaudience/ Frame A472
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=pbs&r=https://sync.missena.io/richaudience/%5BPDID%5D
  • https://sync.missena.io/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:54 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:11:54 GMT
Pragma
no-cache
Vary
Origin

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:50 GMT
location
https://sync.missena.io/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
7640565164426888160
sync.missena.io/smart/ Frame 5FD4
Redirect Chain
  • https://sync.smartadserver.com/getuid?gdpr=0&nwid=3927&url=https%3A%2F%2Fsync.missena.io%2Fsmart%2F%5Bsas_uid%5D
  • https://sync.smartadserver.com/getuid?gdpr=0&nwid=3927&url=https://sync.missena.io/smart/[sas_uid]&cklb=1
  • https://sync.missena.io/smart/7640565164426888160
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/smart/7640565164426888160
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:54 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:11:54 GMT
Pragma
no-cache
Vary
Origin

Redirect headers

content-length
0
date
Mon, 07 Aug 2023 18:11:53 GMT
location
https://sync.missena.io/smart/7640565164426888160
b1f810163d32d0b701c8bfa0f426ccd7
sync.missena.io/smilewanted/ Frame EDFC
Redirect Chain
  • https://csync.smilewanted.com/getuid?gdpr=0&pubid=3924&redirect=https%3A%2F%2Fsync.missena.io%2Fsmilewanted%2F%24UID&source=openrtb-via-prebid-server
  • https://sync.missena.io/smilewanted/b1f810163d32d0b701c8bfa0f426ccd7
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/smilewanted/b1f810163d32d0b701c8bfa0f426ccd7
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:53 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:11:53 GMT
Pragma
no-cache
Vary
Origin

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f317c1599061c9d-FRA
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:53 GMT
location
https://sync.missena.io/smilewanted/b1f810163d32d0b701c8bfa0f426ccd7
server
cloudflare
impl.20230802-16-RELEASE.js
cdn.taboola.com/libtrc/ Frame 5E3B 		792 KB
164 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3-br /
Resource Hash
be1e74c1b5359991d1809967d6a3bddaed43055482e5e42b4c0cf324177dcf3c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
B8xxB0GScEP_RQvy7Qheco1XNO8C16fh
content-encoding
br
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:53 GMT
x-amz-request-id
VH7Z0JGZ4F7SEJE8
age
21992
x-amz-server-side-encryption
AES256
x-cache
HIT
content-length
167712
x-amz-id-2
guL+4OR+Tt4OrWuxGEtczXgnSJ1VwvQPnmWy41wMNYWcNdrFFJUK4DcQkODQLE0rRfhF64P5fxA=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Wed, 02 Aug 2023 12:04:43 GMT
server
AmazonS3-br
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691431914.887265,VS0,VE0
etag
"9bd2884e43a521953c7e23ef55609cae"
vary
Accept-Encoding
content-type
application/javascript
abp
68
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
56721
5730477144318325021
sync.missena.io/xandr/ Frame C35B
Redirect Chain
  • https://secure.adnxs.com/getuid?https://sync.missena.io/xandr/$UID?fu&gdpr=0
  • https://sync.missena.io/xandr/5730477144318325021?fu&gdpr=0
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/xandr/5730477144318325021?fu&gdpr=0
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:53 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:11:53 GMT
Pragma
no-cache
Vary
Origin

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
7eef7478-5c87-4013-9b65-49bfbd0a6fbd
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:11:53 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://sync.missena.io/xandr/5730477144318325021?fu&gdpr=0
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
hbw_master_310028_13810.js
player.hb.selectmedia.asia/prebidlink/HX2S5/ Frame C3B2 		649 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://player.hb.selectmedia.asia/prebidlink/HX2S5/hbw_master_310028_13810.js
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/469842/wrapper_hb_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.4 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
db471246e58547b89fcfef260155de7f95529b9f1fd692075912dccedf77c747

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:53 GMT
content-encoding
gzip
last-modified
Fri, 04 Aug 2023 21:57:24 GMT
server
nginx
etag
W/"64cd7444-a230d"
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=172800
expires
Wed, 09 Aug 2023 18:11:53 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/ Frame C3B2 		400 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js?cb=31076763
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:806::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 13:45:47 GMT
content-encoding
br
x-content-type-options
nosniff
age
15966
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
129393
x-xss-protection
0
server
cafe
etag
2294886439466480038
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Tue, 06 Aug 2024 13:45:47 GMT
occ
ups.analytics.yahoo.com/ups/58673/ Frame 8506 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58673/occ?gdpr=0
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
0
date
Mon, 07 Aug 2023 18:11:54 GMT
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
server
ATS/9.1.10.64
strict-transport-security
max-age=31536000
1a503959ebcbd5f5cc7a854e6acf47b4
sync.missena.io/adyoulike/ Frame 5EAE
Redirect Chain
  • https://visitor.omnitagjs.com/visitor/bsync?gdpr=0&uid=9d3de46176757cb28c73de5b6692c577&name=MISSENA&url=https%3A%2F%2Fsync.missena.io%2Fadyoulike%2F%7BuserId%7D
  • https://sync.missena.io/adyoulike/1a503959ebcbd5f5cc7a854e6acf47b4
0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/adyoulike/1a503959ebcbd5f5cc7a854e6acf47b4
Requested by
Host: sync.missena.io
URL: https://sync.missena.io/iframe
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://sync.missena.io/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:54 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:11:54 GMT
Pragma
no-cache
Vary
Origin

Redirect headers

cache-control
no-cache, no-store, must-revalidate
content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:53 GMT
expires
0
location
https://sync.missena.io/adyoulike/1a503959ebcbd5f5cc7a854e6acf47b4
p3p
CP="CAO PSA OUR"
pragma
no-cache
server
ayl-lb-fra02
vary
Accept-Encoding
x-content-type-options
nosniff
x-envoy-upstream-service-time
3
lt.min.js
tags.crwdcntrl.net/lt/c/15238/ Frame F47C 		58 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/f6ee63a0c2353004/lotame20220615.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 11:15:12 GMT
content-encoding
gzip
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
25003
x-amz-server-side-encryption
AES256
etag
W/"0c967603b7e4d32b78b7ca772270a5c4"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
ySFPramBZj8RcQsjpVjUoausbtgPA7to2GFTw_ZI97-FXKeNuHNNqA==
1546425929-667526e0ff059a2bc42edf04d9349356d55f90c7846fde90aa91ded9ea1d97ae-d
i.vimeocdn.com/video/ 		81 KB
81 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1546425929-667526e0ff059a2bc42edf04d9349356d55f90c7846fde90aa91ded9ea1d97ae-d
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
146.75.122.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
c3a1c113a2a11583e364fd300caee84e97d0c434ca6d5b0f7a7a12a03d16083a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
452754
x-viewmaster-lossless-format
automatic
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
82533
viewmaster-server
viewmaster-us-central1-f8vt
x-served-by
cache-dfw-kdfw8210101-DFW, cache-fra-etou8220057-FRA
x-timer
S1691431914.241073,VS0,VE0
etag
2db8bf9dcc7111c95e04011aaa086cb5
access-control-max-age
86400
vary
Accept
content-type
image/avif
access-control-allow-origin
*
access-control-expose-headers
X-Viewmaster-Status
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1306, 8
usersync
usersync.gumgum.com/ Frame 1A24
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=&_test=ZNEz6gAAAyP6cAA4
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=0&gdpr_consent=&_test=ZNEz6gAAAyP6cAA4
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=0&gdpr_consent=&_test=ZNEz6gAAAyP6cAA4
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 07 Aug 2023 18:11:54 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=0&gdpr_consent=&_test=ZNEz6gAAAyP6cAA4
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230055-FRA
x-timer
S1691431915.511638,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 4E76 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OGMwNjE5MC1iOTMyLTQxNmQtYjQyYS03MDk3NTQ2ZjgzOTM=&gdpr=0&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 18:11:54 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 74DA 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142513
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 07 Aug 2023 18:11:54 GMT
expires
Wed, 09 Aug 2023 09:47:07 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame 0BAB 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 07 Aug 2023 18:11:54 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 7B6E
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNEz68Co8X8AAGhRQwcAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZNEz68Co8X8AAGhRQwcAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:55 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 07 Aug 2023 18:11:55 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZNEz68Co8X8AAGhRQwcAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
3
X-SO-Cluster-ID
0
X-SO-HostName
m-ad226.dc4p.scaleout.jp
X-SO-IP
80.255.7.104
X-SO-Key
ZNEz68Co8X8AAGhRQwcAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZNEz68Co8X8AAGhRQwcAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad226"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad226
gumgum
cs.admanmedia.com/sync/ Frame 293B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_58c06190-b932-416d-b42a-7097546f8393&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=0&gdpr_consent=&ccpa=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:54 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
usermatchredir
ssum-sec.casalemedia.com/ Frame 4A8C 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:54 GMT
Expires
0
Keep-Alive
timeout=1, max=499
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame D59C
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum&tc=1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:54 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 07 Aug 2023 18:11:54 GMT Mon, 07 Aug 2023 18:11:54 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum&tc=1
pragma
no-cache
ads
pubads.g.doubleclick.net/gampad/ Frame C7A7 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fviads.casho.la&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&min_ad_duration=0&max_ad_duration=45000&vrid=1248875&sid=D391841B-D43D-43EB-8439-86230AABF824&adk=1369229360&cookie_enabled=1&correlator=282904009061423&ctv=0&dlt=1691431906571&dt=1691431914132&ged=timeout&idt=5037&is_amp=0&npa=false&omid_p=Google1%2Fh.3.584.2&osd=2&ptt=20&ref=https%3A%2F%2Fwww.google.com%2F&scor=3188084528220219&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&hl=en&frm=0&sdki=445&sdkv=h.3.584.2&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&top=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&loc=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
publishertag.prebid.136.js
static.criteo.net/js/ld/ 		93 KB
30 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/publishertag.prebid.136.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:3::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
nginx /
Resource Hash
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Fri, 19 May 2023 17:15:21 GMT
server
nginx
etag
W/"6467aea9-175c4"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Tue, 08 Aug 2023 18:11:54 GMT
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame A129 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 07 Aug 2023 18:26:54 GMT
hadron.js
cdn.hadronid.net/ Frame A129 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&ref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&_it=amazon&partner_id=450
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR6ZEGAGSH9EK3S
age
6759
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7f317c179d5a918e-FRA
x-amz-id-2
YYdcwitRr3DHNt7NQm1+Sg902LJSB4f7qhP3lwSODEZFT62tqhOtbf8uahKDj8SpjLadVWf2scE=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame A129 		111 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
QGNMJRCNX2F6Z540
age
2655
etag
W/"850654f90e2ec1863b605c4395898e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f317c179ec4364a-FRA
x-amz-id-2
j5ld6KzwPFVU6Rd930exz0a+X/1LLWbV02RrXUIIY/rFcwprRyXb/YEotYzHtILzQ99P5qOF8T4=
usync.js
eus.rubiconproject.com/ Frame 1087 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:54 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25469
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VKSM81WPC3
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/player.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f3a64c817844873cedba93181e4b3eaf7fc984e1e45627fe6b5a314e195687a1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85731
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 07 Aug 2023 18:11:54 GMT
js
www.googletagmanager.com/gtag/ 		247 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-VKSM81WPC3&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-J9WFNRQLJJ&cx=c&_slc=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
d57e8f360a4443bee3c35e6d70fe13648299f21bf3ba0460acd9d7f089275e46
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
85870
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Mon, 07 Aug 2023 18:11:54 GMT
15581
rtb.gumgum.com/usync/ Frame 55B8 		4 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
63.34.143.222 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-63-34-143-222.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6d845c55a60ee43cf22012d2702b2ffe7b5ce79d49e51392a71e0d9cfea9fac4

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Mon, 07 Aug 2023 18:11:54 GMT
etag
W/"075500631f1707c2ef85da4ca052de361"
server
nginx
timing-allow-origin
*
sync
eb2.3lift.com/ Frame D595 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?redir=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fuid%3D%24UID%26dc%3D4d76b6ce34af74c9%26iss%3D1
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Mon, 07 Aug 2023 18:11:54 GMT
csync
sync.adtelligent.com/ Frame B174 		43 B
453 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=307971&extuid=AJmriUcKZ9TghKpd
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D307971%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.us.e-planning.net/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:54 GMT
Etag
98bc15074146f0fd
Server
Adtelligent
img.fetch
udmserve.net/udm/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17661;tid=1;dt=6;cb=498521b8192bfd1;refresh=2;trigger=ref_aft_def_standard;gdprApplies=true;consentGiven=false;consentData=cmpMissing
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
6eebbe36469ff48238848738be8740340afe3a863ccda7d3a0e27d1dc2ea03b0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:54 GMT
Content-Encoding
gzip
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Length
1707
Expires
0
usync.html
eus.rubiconproject.com/ Frame 4A39
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:54 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Aug 2023 18:11:54 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
csi
csi.gstatic.com/ Frame 6426 		0
234 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16w0vn&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=3.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 3597 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F92056281%2Fcashola-premium&sz=480x270&ciu_szs=300x60&cust_params=sessionKey%3D214862936-Zw4GL6aFpv7EIrJ3%26schain%3Dstnvideo.com%2CAasBUF7V9msOtfGMQ_QfpQ%26content%3D8786%26placementType%3DPremium%26embed%3DnydEIVUv%26domain%3Dcasho.la%26player_size%3Dmedium%26player_width%3D462%26player_height%3D260%26player_type%3Dfloat%26version%3D7.20.1%26player_status%3DLVFNMNIY%26play_code%3D2008%26view100%3D1%26excl_cat%3Dstl_id00157%26rand%3D20%26uhr%3D18%26iris_id%3Diris_3a3ab8c6a23b5003%26iris_context%3Dic_8121076%2Cic_8240327%2Cic_2001389%2Cic_9146060%2Cic_0291942%2Cic_3572470%2Cic_7753435%2Cic_1612662%2Cic_1543298%2Cic_0344266%2Cic_5043113%2Cic_7287399%26us_privacy%3Dfalse%26keywchk%3Dok&url=https%3A%2F%2Fwww.casho.la%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=1&lip=true&min_ad_duration=0&max_ad_duration=190000&vrid=1263268&us_privacy=false&hl=en&cmsid=2631244&vconp=2&video_doc_id=2924987&vpa=auto&vpmute=1&kfa=0&tfcd=0&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=stnvideo%2Fplayer&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=130015200&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=6CF8F381-1938-4857-B6DA-CAD128FC1EAF&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&top=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&loc=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=4219&dt=1691431914688&cookie_enabled=1&correlator=994404885735784&scor=3529354281987119&ged=ve4_td7_tt3_pd7_la7000_er0.0.0.0_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:54 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
e7fc7146-443e-4ea8-85ea-2faab824422a
https://www.casho.la/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/e7fc7146-443e-4ea8-85ea-2faab824422a
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
truncated
/ 		351 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/svg+xml
8ba51e72-658f-4620-aefd-23f4f46924e6
https://www.casho.la/ 		1 KB
0 		Media
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/8ba51e72-658f-4620-aefd-23f4f46924e6
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda

Request headers

Referer
Accept-Encoding
identity;q=1, *;q=0
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Range
bytes=0-

Response headers

Content-Range
bytes 0-1492/1493
Content-Length
1493
Content-Type
video/mp4
21928950349
fundingchoicesmessages.google.com/i/ 		150 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/i/21928950349?ers=3
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202308030101/pubads_impl.js?cb=31076822
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
05e37ee5edccae942d9f7e506e9aea2908a87b10e852a598817bafc449f7fd77
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-WYzl7DRwn8BqJMPtZyDa_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
content-security-policy
script-src 'report-sample' 'nonce-WYzl7DRwn8BqJMPtZyDa_g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
collect
region1.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PEGZJDQ1BR&gtm=45je3820&_p=330834980&cid=1849936587.1691431909&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dr=https%3A%2F%2Fwww.google.com%2F&sid=1691431914&sct=1&seg=0&dl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dt=Cashola&en=page_view&_fv=1&_ss=1&ep.video_ad_unit=%2F175840252%2C270787323%2FMMPlus%2FCrateNetwork%2Fcasho.la%2FVideo&ep.video_prepv_time_in_process=time%20in%20process%3D0%20milliseconds&ep.player_ownership=MMPlus&ep.video_has_restriction=no&ep.video_player_version=4.4.85&ep.injectable_unit_domain=www.casho.la&ep.video_player_property=crate-network&ep.injectable_unit_size=462%3A260&ep.injectable_unit_type=video&ep.player_organization=crate-network&ep.injectable_unit_video_player_id=none&ep.video_player_closeable=yes&ep.video_viewable_port=0%20-%209&ep.video_traffic_domain=Lifestyle&ep.player_name=MM%2B%20%7C%20CrateNetwork%20%7C%20cookingfanatic.com&ep.injectable_unit_video_ad_timeout=10%20sec&ep.injectable_unit_video_playback_method=auto%20play&epn.unique_event_id_hit=1&ep.video_player_type=Injection&ep.video_winning_bid_prebid_cpm=none&ep.video_winning_bid_prebid_original_cpm=none&ep.video_serving_method=none&ep.video_full_screen_on=no&ep.anonymizeIp=true&ep.campaignSource=Partners&ep.campaignMedium=MMPlus&epn.video_load_time=0&ep.anonimized=true&ep.video_winning_bid_cpm=none
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-PEGZJDQ1BR&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:54 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 5E4A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_cm&google_hm=TEwxNlZYT0EtSi0yOFJQ
  • https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESEAnzqn0EsU9BBirZA6qFLNY&google_cver=1
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwxNlZYT0EtSi0yOFJQ&google_push=
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwxNlZYT0EtSi0yOFJQ&google_push=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H3
Server
142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:57 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Content-Type
text/html
Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TEwxNlZYT0EtSi0yOFJQ&google_push=
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
Expires
0
pixel
cm.g.doubleclick.net/ Frame 5E4A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2EzYzdhYmQxMjZjM2FmZDA2MGExMGNiZjgwNWJiNDFhYTY1NDBiZA
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2EzYzdhYmQxMjZjM2FmZDA2MGExMGNiZjgwNWJiNDFhYTY1NDBiZA
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H3
Server
142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:56 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=N2EzYzdhYmQxMjZjM2FmZDA2MGExMGNiZjgwNWJiNDFhYTY1NDBiZA
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5E4A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/MqI8EXDoCgPUSASZ8xEX-Q?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KzQot3FE2oK1lyyYLjeC4hAxwDtoSxo3RS3V_Q--~A
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KzQot3FE2oK1lyyYLjeC4hAxwDtoSxo3RS3V_Q--~A
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

date
Mon, 07 Aug 2023 18:11:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=y-KzQot3FE2oK1lyyYLjeC4hAxwDtoSxo3RS3V_Q--~A
content-length
0
setuid
px.ads.linkedin.com/ Frame 5E4A
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL16VXOA-J-28RP
0
864 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL16VXOA-J-28RP
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
nel
{"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop
afd-prod-ltx1-x
x-msedge-ref
Ref A: 45813B0753EA4685B8B746201A432E1B Ref B: DUS30EDGE0410 Ref C: 2023-08-07T18:11:56Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
report-to
{"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric
prod-ltx1
x-li-proto
http/2
content-length
0
x-li-uuid
AAYCWS6QCmuk4R2JSw0CAA==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=LL16VXOA-J-28RP
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
dcm
aax-eu.amazon-adsystem.com/s/ Frame 5E4A 		43 B
855 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:55 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
6F1Y6RQ9A4AK77FNSBW8
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT
ecm3
s.amazon-adsystem.com/ Frame 5E4A
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=50cd21b7-d8d7-4615-9fb9-a2be831f8488&id=
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=iIBlWBrzQ1qJlLLa9w74dQ&rk=usync-na
  • https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iIBlWBrzQ1qJlLLa9w74dQ
43 B
479 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iIBlWBrzQ1qJlLLa9w74dQ
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Server
Server
x-amz-rid
C9N79GW35A0MQKED9JQR
Vary
Content-Type,Accept-Encoding,User-Agent
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://s.amazon-adsystem.com/ecm3?ex=rubiconprojectHMT&id=iIBlWBrzQ1qJlLLa9w74dQ
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 5E4A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBPdMAJ-gXHrXrNq0EmEKgs&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBPdMAJ-gXHrXrNq0EmEKgs&google_cver=1
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
cc9654c54e9aa67bf2b10be1073297a8
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:55 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEBPdMAJ-gXHrXrNq0EmEKgs&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 5E4A 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:55 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
csi
csi.gstatic.com/ Frame C7A7 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16vzlq&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=4.0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ub.svg
cdn.unibotscdn.com/ubplayer/logo/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.unibotscdn.com/ubplayer/logo/ub.svg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1079:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1079 /
Resource Hash
a60a1b492ccc3784df2d649db4bf3fbb8bb70a583522a61194e7552a6e28c5aa

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
content-encoding
gzip
cdn-edgestorageid
1049
cdn-storageserver
DE-200
cdn-cachedat
11/12/2022 05:25:03
cdn-pullzone
873945
last-modified
Thu, 30 Jun 2022 06:20:30 GMT
server
BunnyCDN-DE1-1079
cdn-fileserver
377
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=2592000
cdn-requestid
22c5582726cd5894e9ec7122a711f93c
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
logo_2.svg
unibots.b-cdn.net/ubplayer/logo/new/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://unibots.b-cdn.net/ubplayer/logo/new/logo_2.svg
Requested by
Host: cdn.unibotscdn.com
URL: https://cdn.unibotscdn.com/ubplayer/css/ub-player.css
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1047:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1047 /
Resource Hash
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://cdn.unibotscdn.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
content-encoding
gzip
cdn-edgestorageid
1047
cdn-storageserver
DE-51
cdn-cachedat
08/02/2023 18:29:37
cdn-pullzone
483488
last-modified
Thu, 01 Dec 2022 03:57:52 GMT
server
BunnyCDN-DE1-1047
cdn-fileserver
135
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
image/svg+xml
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
cache-control
public, max-age=3600
cdn-requestid
3ac6b30a22d0b772335f03a30f0eefa0
cdn-requestcountrycode
DE
cdn-status
200
cdn-requestpullsuccess
True
async_usersync
ib.adnxs.com/ Frame 6E88 		0
594 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:55 GMT
an-x-request-uuid
a94d47cc-65e6-4431-a011-e708ad92fc6f
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
cache-control
no-store, no-cache, private
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 4A39 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:55 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25468
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
vpaid.js
powerad.ai/vast/ Frame 70EB 		43 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://powerad.ai/vast/vpaid.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62d0073a5831594d4e154ea4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.206.242.72 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-206-242-72.compute-1.amazonaws.com
Software
/ Express
Resource Hash
f3393f023cd224f4a20bd2ac8e0f577a63edec43d937d9a7deefaf9848a05c17

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
content-encoding
gzip
last-modified
Mon, 07 Aug 2023 15:12:14 GMT
x-powered-by
Express
etag
W/"add3-189d08e4efe"
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=172800
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
*
ads
pubads.g.doubleclick.net/gampad/ Frame 6426 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Fcasho.la_3.1&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1059784149220957&vpmute=0&mpt=stnvideo%2Fplayer&vpa=auto&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=1467340240&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.casho.la%2Fce0a57bf-bafc-4479-a732-f0928b6b08e5&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=6924&dt=1691431915150&cookie_enabled=1&scor=2733261693462395&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync
usersync.gumgum.com/ Frame 55B8
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=5730477144318325021
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=5730477144318325021
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:55 GMT
an-x-request-uuid
3ff0c3d7-f791-43bb-8cdb-715ba1f2055a
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://usersync.gumgum.com/usersync?b=apn&i=5730477144318325021
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
x.bidswitch.net/ Frame 55B8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=&gdpr_consent=&us_privacy=
  • https://cms.quantserve.com/pixel/p-zLwwakwy-hZw3.gif?idmatch=0&ssp=gumgum2&gdpr=&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=1ZKQJ9CVkSHOx8Yn08DZcteQxCfOkZIu1JB5ofj3
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=1ZKQJ9CVkSHOx8Yn08DZcteQxCfOkZIu1JB5ofj3
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Server
18.184.249.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:56 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://x.bidswitch.net/sync?dsp_id=76&user_group=2&ssp=gumgum2&&user_id=1ZKQJ9CVkSHOx8Yn08DZcteQxCfOkZIu1JB5ofj3
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
syncPlatform
sync.outbrain.com/ Frame 55B8
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRd...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_58c06190-b932-416d-b42a-7097546f8393&obuid=ENC(gSF70TaAqZxyF5kNq2OK859qaLeRC03V4E6zdl-O5jy3WCeYapGmYvzUXrx1MC6b)
  • https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
0
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:58 GMT
Cache-Control
no-cache
X-TraceId
609a91fbab2398892cfd4f6e9d045ddb
Content-Length
0

Redirect headers

Location
https://sync.outbrain.com/syncPlatform?platformId=GUMGU18H7EL9NI653I7DPEH51
Date
Mon, 07 Aug 2023 18:11:57 GMT
X-TraceId
24081cb35a21f6bbcaaed7118280e6a0
Content-Length
0
cm
us-u.openx.net/w/1.0/ Frame 55B8 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=&gdpr_consent=&us_privacy=&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:56 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
usersync
usersync.gumgum.com/ Frame 55B8
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-23274dc7-b2a5-5112-533c-a9899e314bea$ip$80.255.7.104
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-23274dc7-b2a5-5112-533c-a9899e314bea$ip$80.255.7.104
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-23274dc7-b2a5-5112-533c-a9899e314bea$ip$80.255.7.104
Date
Mon, 07 Aug 2023 18:11:56 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 55B8
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-f7sL4CJE2pdPSMetCmdiGaApWvl340zboCw3~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-f7sL4CJE2pdPSMetCmdiGaApWvl340zboCw3~A
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 07 Aug 2023 18:11:56 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
location
https://usersync.gumgum.com/usersync?b=oth&i=y-f7sL4CJE2pdPSMetCmdiGaApWvl340zboCw3~A
content-length
0
usersync
usersync.gumgum.com/ Frame 55B8
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=&gdpr_consent=&us_privacy=&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%...
  • https://usersync.gumgum.com/usersync?b=vnt&i=8c48c19e-9d22-4c9e-97fa-763d6825accb
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=8c48c19e-9d22-4c9e-97fa-763d6825accb
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=8c48c19e-9d22-4c9e-97fa-763d6825accb
Date
Mon, 07 Aug 2023 18:11:56 GMT
Connection
keep-alive
X-CI-RTID
54425260-0c2c-4ca6-b271-7a7c406f3427
Content-Length
108
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 55B8
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 varnish
server
nginx
age
0
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
text/plain; charset=utf-8
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-origin
https://rtb.gumgum.com/
x-varnish
991545589
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 55B8 		0
39 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
38.91.45.7 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
Software
c /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
content-length
0
server
c
usersync
usersync.gumgum.com/ Frame 55B8
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_58c06190-b932-416d-b42a-7097546f8393&gdpr=&gdpr_consent=&us_privacy=&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://usersync.gumgum.com/usersync?b=zem&i=
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&i=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:57 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=zem&i=
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:57 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
72
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 55B8
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=36b73796-ef19-4f27-a528-af0524e6a54d
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=36b73796-ef19-4f27-a528-af0524e6a54d
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=36b73796-ef19-4f27-a528-af0524e6a54d
access-control-allow-origin
*
date
Mon, 07 Aug 2023 18:11:56 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
usersync
usersync.gumgum.com/ Frame 55B8
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=go9xFeY0zaTa&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=go9xFeY0zaTa&ev=1&pid=558355
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Date
Mon, 07 Aug 2023 18:11:56 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=go9xFeY0zaTa&ev=1&pid=558355
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6f79b8d6bf-sf7cf
expires
-1
sync
ssbsync.smartadserver.com/api/ Frame 55B8 		0
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.155 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
content-length
0
um
sync.e-planning.net/ Frame 55B8 		42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.e-planning.net/um?dc=1a6b1d3b3872943b&fi=c1ab0a3ba8e76a50&uid=e_58c06190-b932-416d-b42a-7097546f8393
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.3 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://rtb.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

server
openresty
date
Mon, 07 Aug 2023 18:11:56 GMT
content-type
image/gif
csi
csi.gstatic.com/ Frame 6426 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll16w1u9&c=960899130579&slotId=480449565289.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:55 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
gum.criteo.com/ Frame 494C 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
260949
expires
60
json
trc.taboola.com/themonetizer-cashola/trc/3/ Frame 494C 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-cashola/trc/3/json?tim=18%3A11%3A55.868&lti=split-bugfix-v2_ctrl&data=%7B%22id%22%3A92%2C%22ii%22%3A%22%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1691075887071%2C%22vi%22%3A1691431915853%2C%22cv%22%3A%2220230801-7-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22pev%22%3A12549%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22vpi%22%3A%22%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%22%2C%22e%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A1%2C%22uim%22%3A%22thumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22506260-PAVE%20BAS%22%2C%22orig_uip%22%3A%22506260-PAVE%20BAS%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2C506260-PAVE%20BAS%3Dthumbnails-b%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22split-bugfix-v2_ctrl%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
29ac6868c6f323f34418933683b2496a3274059f44f5909df6be3e4c10b1f428

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
129
date
Mon, 07 Aug 2023 18:11:56 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7488
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230058-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1691431916.886881,VS0,VE129
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
sync
gum.criteo.com/ Frame 5E3B 		46 B
287 B 		Script
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sync?c=72&r=2&j=TRC.getRTUS
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:55 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
private, max-age=3600
server-processing-duration-in-ticks
238306
expires
60
json
trc.taboola.com/themonetizer-cashola/trc/3/ Frame 5E3B 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-cashola/trc/3/json?tim=18%3A11%3A56.184&lti=deflated&data=%7B%22id%22%3A14%2C%22ii%22%3A%22%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%22%2C%22it%22%3A%22text%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22uifp%22%3Anull%2C%22lbt%22%3A1691075887071%2C%22vi%22%3A1691431915853%2C%22cv%22%3A%2220230802-16-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22bv%22%3A%220%22%2C%22wc%22%3Atrue%2C%22ul%22%3A%5B%22en-US%22%2C%22en%22%5D%2C%22uad%22%3A%7B%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%2C%22uaFullVersion%22%3A%22%22%7D%2C%22btv%22%3A%220%22%2C%22cos%22%3A%224g%22%2C%22plf%22%3A%7B%22ack_exm%22%3Atrue%7D%2C%22bu%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22vpi%22%3A%22%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%22%2C%22e%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22bad%22%3A-1%2C%22sw%22%3A1600%2C%22sh%22%3A1200%2C%22bw%22%3A300%2C%22sde%22%3A%221.000%22%2C%22bh%22%3A150%2C%22dw%22%3A300%2C%22dh%22%3A150%2C%22nsid%22%3A%22themonetizer-network%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-t2m%22%2C%22s%22%3A2%2C%22uim%22%3A%22thumbnails-c%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22uip%22%3A%22506260-GRAND%20ANGLE%22%2C%22orig_uip%22%3A%22506260-GRAND%20ANGLE%22%2C%22cd%22%3A8%2C%22mw%22%3A284%7D%5D%2C%22cacheKey%22%3A%22text%3D%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2C506260-GRAND%20ANGLE%3Dthumbnails-c%3Apub%3Dthemonetizer-network%3Aabp%3D0%22%2C%22cb%22%3A%22TRC.callbacks.recommendations_1%22%2C%22lt%22%3A%22deflated%22%7D&llvl=2
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
954e6d384042fe16d73df21f53bbcfef07f35fe1afd1a01e91779bb6dbaecaaf

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-vcl-time-ms
156
date
Mon, 07 Aug 2023 18:11:56 GMT
content-encoding
gzip
via
1.1 varnish
x-fastly-to-nlb-rtt
7517
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230058-FRA
x-log-content-encoding
gzip
server
nginx
x-timer
S1691431916.201872,VS0,VE156
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
config.json
player.adtelligent.com/exchange_rates/305666/ Frame C3B2 		28 KB
12 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://player.adtelligent.com/exchange_rates/305666/config.json?cb=https%3A%2F%2Fwww.casho.la
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
45.133.44.3 Philadelphia, United States, ASN39572 (ADVANCEDHOSTERS-AS, NL),
Reverse DNS
Software
nginx /
Resource Hash
b2fd5f4e6c07b0ac32a322501326bf06f75ff5345c0d141e362809eb58a7cd43

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

expires
Wed, 09 Aug 2023 18:11:56 GMT
date
Mon, 07 Aug 2023 18:11:56 GMT
content-encoding
gzip
last-modified
Sat, 05 Aug 2023 12:02:20 GMT
server
nginx
etag
W/"64ce3a4c-70a6"
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
max-age=172800
x-proxy-cache
HIT
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 1087 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=missena&gdpr=0&gdpr=0&khaos=LL16VXOA-J-28RP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=missena&endpoint=eu&gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
bridge-31050.js
video-ads.rubiconproject.com/video/ Frame 8752 		65 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://video-ads.rubiconproject.com/video/bridge-31050.js
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.212.89.194 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-89-194.deploy.static.akamaitechnologies.com
Software
Apache/2.4.6 (CentOS) PHP/5.4.16 /
Resource Hash
c002b1b4f4aacc0c7e2bf806a9efa9263fb5f34826500f0ffb0417238cc7cceb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:56 GMT
Content-Encoding
gzip
Last-Modified
Thu, 10 Nov 2022 16:05:35 GMT
Server
Apache/2.4.6 (CentOS) PHP/5.4.16
ETag
"10253-5ed1ff17fb1c0-gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
POST, GET, PUT, OPTIONS, PATCH, DELETE
Content-Type
application/javascript
Access-Control-Allow-Origin
Access-Control-Allow-Credentials
true
Connection
keep-alive
Accept-Ranges
bytes
Access-Control-Allow-Headers
X-Accept-Charset,X-Accept,Content-Type
Content-Length
20231
drop_cookie_sw.php
csync.smilewanted.com/ Frame C361 		0
345 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/drop_cookie_sw.php
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f317c24eb321c9d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:56 GMT
server
cloudflare
vary
Accept-Encoding
envelope
lexicon.33across.com/v1/ 		0
0
fed
ups.analytics.yahoo.com/ups/58809/ 		2 B
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ups.analytics.yahoo.com/ups/58809/fed?v=1&1p=0&gdpr=0&gdpr_consent=&us_privacy=&url=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&pixelId=58809
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
vary
Origin
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
access-control-allow-origin
https://www.casho.la
content-type
application/json
access-control-allow-credentials
true
rid
match.adsrvr.org/track/ 		63 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=1324mj4&fmt=json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
5124ca919cf8d8860466b9c3facd95e4929ca3f49e2f6f3e64c6656141bedf3b

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 06 Sep 2023 18:11:56 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DA7D 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142511
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 07 Aug 2023 18:11:56 GMT
expires
Wed, 09 Aug 2023 09:47:07 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame E7FA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=75a1922f904cc20&gdpr=0&gdpr_consent=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://s.adtelligent.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
csync
sync.adtelligent.com/ Frame 0533 		43 B
320 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.adtelligent.com/csync?redir=
Requested by
Host: s.adtelligent.com
URL: https://s.adtelligent.com/sync.html?aid=651796
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://s.adtelligent.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:56 GMT
Server
Adtelligent
Etag
98bc15074146f0fd
Content-Length
43
Content-Type
image/gif
csi
csi.gstatic.com/ Frame 3597 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16vy6h&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.casho.la&url=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
7f317c25d8de6957-FRA
content-length
0
content-type
application/json
date
Mon, 07 Aug 2023 18:11:56 GMT
debug
OPTIONS block
expires
Tue, 06 Aug 2024 18:11:56 GMT
server
cloudflare
hadron.json
id.hadron.ad.gt/v1/ 		93 B
285 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=amazon&partner_id=288&sync=0&domain=www.casho.la&url=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:17ea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
45cd14915c5bccdb6b314c99d357229acb52abed61b21f037eb61dc5c41e8523

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
7f317c26ca3f6957-FRA
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 07 Aug 2023 18:26:56 GMT
pixel;r=1346694472;event=rule;labels=All.Title.Joe%20Biden%20Hints%20at%20a%20Potential%20Tax%20Hike%20on%20Oil%20Companies%20Very%20Soon%2CAll.Type.website%2CAll.Type.article%2CAll.Description.Ene...
pixel.quantserve.com/ 		35 B
210 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=1346694472;event=rule;labels=All.Title.Joe%20Biden%20Hints%20at%20a%20Potential%20Tax%20Hike%20on%20Oil%20Companies%20Very%20Soon%2CAll.Type.website%2CAll.Type.article%2CAll.Description.Energy%20prices%20are%20still%20on%20the%20rise%20all%20over%20the%20world%20as%20countries%20continue%20to%20sanction%20Russia%20for%20their%20ongoing%20invasion%20of%20Ukraine%20%20Due%20to%20the%20lack%20of%20Russian%20oil%20exports%20%20domestic%20oil%20producers%20have%20had%20to%20pick%20up%20the%20slack%20%20However%20%20in%20the%20eyes%20of%20United%20States%20President%20Joe%20Biden%20%20their%20current%20efforts%20are%20%5B%E2%80%A6%5D%2CAll.Site.Cashola%2CAll.Url.https%3A%2F%2Fwww%20casho%20la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;rf=0;a=p-Hwnr8j7tWA3Nu;url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F;ref=https%3A%2F%2Fwww.google.com%2F;uht=2;fpan=1;fpa=P0-988025342-1691431908233;pbc=a19d0c94-64e4-4514-97bc-08abfc0761a6;ns=0;ce=1;qjs=1;qv=c818c8ec-20230509111053;cm=;gdpr=0;d=casho.la;dst=0;et=1691431916320;tzo=0;ogl=locale.en_US%2Ctype.website%2Csite_name.Cashola%2Ctype.article%2Cimage.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fwp-content%2Fuploads%2F2022%2F09%2Fshutterstock_1608793423-1000x576%2Curl.https%3A%2F%2Fwww%252Ecasho%252Ela%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-%2Ctitle.Joe%20Biden%20Hints%20at%20a%20Potential%20Tax%20Hike%20on%20Oil%20Companies%20Very%20Soon%2Cdescription.Energy%20prices%20are%20still%20on%20the%20rise%20all%20over%20the%20world%20as%20countries%20continue%20to%20;ses=5aa4ccab-4003-4bf4-96a4-686a65511e3b;mdl=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:ef75:8280:f209:5ba1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:56 GMT
cache-control
private, no-cache, no-store, proxy-revalidate
strict-transport-security
max-age=86400
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
sync.php
pixel-us-east.rubiconproject.com/exchange/ Frame 630C 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-us-east.rubiconproject.com/exchange/sync.php?p=duration_media&khaos=LL16VXOA-J-28RP
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
8.43.72.97 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
636a4452fa95aad32992c06634d4089f
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
cmp-list.json
test.cmp.quantcast.com/GVL-v2/ 		10 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://test.cmp.quantcast.com/GVL-v2/cmp-list.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:25a2:ba00:3:a4cd:8380:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
034459651dfe7dd9d35633ce1e7da053b4b385a896edfadb4998c34d929fbf8c

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
sZOpapdV9juBv7KR_zAAJcZEP70BCQzW
content-encoding
br
via
1.1 e042bf1e56617a2fbe098f111a30b514.cloudfront.net (CloudFront)
date
Sun, 06 Aug 2023 14:47:11 GMT
x-amz-cf-pop
ZRH55-P1
age
98686
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Fri, 28 Jul 2023 19:52:29 GMT
server
AmazonS3
etag
W/"cc0351f16a68f48b69c6fad79669223f"
access-control-max-age
86400
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
jEH1umPseSkD3F_iLhK2Qfz7dosxxt0yLUu9ocg74RHg05tD6fLf1A==
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 7C8F 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=LL16VXOA-J-28RP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
3bafef7aa4e37890defcd73f0a080481
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
embed.9203.3f277c45e9937b13e8c4.js
platform.twitter.com/embed/ Frame B1F7 		267 KB
82 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.9203.3f277c45e9937b13e8c4.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F337) /
Resource Hash
c731d1ac06ce0723680061bb7eab4bfe43bad28d6af8d8fa8cf855b16ff60784

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:56 GMT
Content-Encoding
gzip
Age
413934
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
83749
Last-Modified
Wed, 02 Aug 2023 23:07:29 GMT
Server
ECS (via/F337)
Etag
"10f14cb43e1e020e75b5aef9b88c8bcb+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
embed.ondemand.Tweet.40a6f6e34beccdf3a9eb.js
platform.twitter.com/embed/ Frame B1F7 		83 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/embed/embed.ondemand.Tweet.40a6f6e34beccdf3a9eb.js
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.runtime.f3e57ef931459836a2c7.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:46c:e8b:1e2f:2bd:694 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F346) /
Resource Hash
16b018c3726370f880955556dfceb109925a7e2f719eedff6e5483a4526c7608

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/embed/Tweet.html?dnt=true&embedId=twitter-widget-0&features=eyJ0ZndfdGltZWxpbmVfbGlzdCI6eyJidWNrZXQiOltdLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X2ZvbGxvd2VyX2NvdW50X3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9iYWNrZW5kIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19yZWZzcmNfc2Vzc2lvbiI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfZm9zbnJfc29mdF9pbnRlcnZlbnRpb25zX2VuYWJsZWQiOnsiYnVja2V0Ijoib24iLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X21peGVkX21lZGlhXzE1ODk3Ijp7ImJ1Y2tldCI6InRyZWF0bWVudCIsInZlcnNpb24iOm51bGx9LCJ0ZndfZXhwZXJpbWVudHNfY29va2llX2V4cGlyYXRpb24iOnsiYnVja2V0IjoxMjA5NjAwLCJ2ZXJzaW9uIjpudWxsfSwidGZ3X3Nob3dfYmlyZHdhdGNoX3Bpdm90c19lbmFibGVkIjp7ImJ1Y2tldCI6Im9uIiwidmVyc2lvbiI6bnVsbH0sInRmd19kdXBsaWNhdGVfc2NyaWJlc190b19zZXR0aW5ncyI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdXNlX3Byb2ZpbGVfaW1hZ2Vfc2hhcGVfZW5hYmxlZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9LCJ0ZndfdmlkZW9faGxzX2R5bmFtaWNfbWFuaWZlc3RzXzE1MDgyIjp7ImJ1Y2tldCI6InRydWVfYml0cmF0ZSIsInZlcnNpb24iOm51bGx9LCJ0ZndfbGVnYWN5X3RpbWVsaW5lX3N1bnNldCI6eyJidWNrZXQiOnRydWUsInZlcnNpb24iOm51bGx9LCJ0ZndfdHdlZXRfZWRpdF9mcm9udGVuZCI6eyJidWNrZXQiOiJvbiIsInZlcnNpb24iOm51bGx9fQ%3D%3D&frame=false&hideCard=false&hideThread=false&id=1587254966309240841&lang=en&origin=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sessionId=d38060b3f37d8127fbf40523e4c0c6fac2dcd08c&theme=light&widgetsVersion=aaf4084522e3a%3A1674595607486&width=550px
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:56 GMT
Content-Encoding
gzip
Age
413933
x-amz-server-side-encryption
AES256
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length
19440
Last-Modified
Wed, 02 Aug 2023 23:07:29 GMT
Server
ECS (via/F346)
Etag
"e7c51bbaea1038e32206dc28b31807a1+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
x-tw-cdn
VZ
Cache-Control
public, max-age=315360000
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 722D 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524509
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FF8D 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2139
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
playlist.m3u8
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/ 		171 B
822 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/playlist.m3u8
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
content-encoding
gzip
cdn-edgestorageid
752
cdn-storageserver
DE-165
cdn-cachedat
06/15/2023 15:40:50
cdn-pullzone
829957
last-modified
Mon, 09 Jan 2023 09:56:48 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
531
cdn-requestpullcode
206
cdn-proxyver
1.03
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
a6d11382c9af2c0433986541e5bbf55b
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
usersync
usersync.gumgum.com/ Frame 02B2
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Mon, 07 Aug 2023 18:11:56 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=ZNEz6gAAAyP6cAA4&gdpr=&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-fra-eddf8230055-FRA
x-timer
S1691431917.573368,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame 58CD 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV81OGMwNjE5MC1iOTMyLTQxNmQtYjQyYS03MDk3NTQ2ZjgzOTM=&gdpr=&gdpr_consent=&google_redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dgdv
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.66 Grosse Pointe, United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s05-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 18:11:56 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 310B 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=142511
content-encoding
gzip
content-length
5606
content-type
text/html
date
Mon, 07 Aug 2023 18:11:56 GMT
expires
Wed, 09 Aug 2023 09:47:07 GMT
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
generic
match.adsrvr.org/track/cmf/ Frame ACEA 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=&gdpr_consent=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 07 Aug 2023 18:11:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame D0E3
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://usersync.gumgum.com/usersync?b=sus&i=ZNEz7MCo8X8AAGhRQyYAAAAA
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=sus&i=ZNEz7MCo8X8AAGhRQyYAAAAA
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Mon, 07 Aug 2023 18:11:56 GMT
Location
https://usersync.gumgum.com/usersync?b=sus&i=ZNEz7MCo8X8AAGhRQyYAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
2
X-SO-Cluster-ID
0
X-SO-HostName
a-ad40214.dc2p.scaleout.jp
X-SO-IP
80.255.7.104
X-SO-Key
ZNEz7MCo8X8AAGhRQyYAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":0,"gdpr":true,"ipv4":"0.0.0.0","key":"ZNEz7MCo8X8AAGhRQyYAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"a-ad40214"}
X-SO-LB-Hostname
m-tgng27.dc4p.scaleout.jp
X-SO-Upstream-ID
a-ad40214
gumgum
cs.admanmedia.com/sync/ Frame 46DD 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://cs.admanmedia.com/sync/gumgum?puid=e_58c06190-b932-416d-b42a-7097546f8393&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Daad%26i%3D%5BDSP_USER_ID%5D&gdpr=&gdpr_consent=&ccpa=
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
80.77.87.163 Clifton, United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:11:56 GMT
Server
nginx
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
csi
csi.gstatic.com/ Frame 6426 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ll16w2i0&c=960899130579&slotId=480449565289.5&vast_v=4.1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:56 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame C7A7 		156 B
143 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?slotname=%2F21760922134%2Fca-video-pub-4090704406626496-tag%2Fviads.casho.la&sz=300x250%7C400x300%7C640x480&ciu_szs&cust_params&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&unviewed_position_start=1&output=xml_vast4&env=vp&gdfp_req=1&ad_rule=0&video_url_to_fetch=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&useragent=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%2Cgzip(gfe)&vad_type=linear&vpos=preroll&pod=1&ppos=2&lip=true&min_ad_duration=0&max_ad_duration=45000&vrid=1248875&sid=D391841B-D43D-43EB-8439-86230AABF824&adk=1369229360&cookie_enabled=1&correlator=282904009061423&ctv=0&dlt=1691431906571&dt=1691431916590&ged=timeout&idt=5037&is_amp=0&npa=false&omid_p=Google1%2Fh.3.584.2&osd=2&ptt=20&ref=https%3A%2F%2Fwww.google.com%2F&scor=3188084528220219&sdk_apis=2%2C7%2C8&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&vis=1&u_so=l&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&hl=en&frm=0&sdki=445&sdkv=h.3.584.2&sdr=1&vpa=auto&vpmute=1&nel=0&cnc=22500435788&kfa=0&tfcd=0&top=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&loc=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
content-encoding
br
x-content-type-options
nosniff
observe-browsing-topics
?1
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
pd
insticator-d.openx.net/w/1.0/ Frame 1DD4 		0
91 B 		Document
General
Check archive.org
Download Go to
Full URL
https://insticator-d.openx.net/w/1.0/pd
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
20
content-type
text/html
date
Mon, 07 Aug 2023 18:11:56 GMT
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
via
1.1 google
async_usersync.html
acdn.adnxs.com/dmp/ Frame 0A82 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/libs/prebid/avpb7.51.0.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:11:56 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Aug 2023 18:11:58 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.casho.la%2F&domain=www.casho.la&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 07 Aug 2023 18:11:56 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
205312
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ 		2 B
370 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.casho.la%2F&domain=www.casho.la&cw=1&lsw=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:56 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
218699
expires
0
usync.html
eus.rubiconproject.com/ Frame 1809 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/library/prebid/8.5.0/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:56 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
trackv4
track-selectmedia.com/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1459&uuid=8b913869-20af-4cb1-919b-6170d4d567bc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.casho.la
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ghb.hb.selectmedia.asia/geo/ Frame C3B2 		146 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/geo/
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/HX2S5/hbw_master_310028_13810.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
4deef1f7b7429306b296e117b181f4b7357c2b20f9fff7b91feaf13573716f8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:56 GMT
Server
Adtelligent
Content-Type
application/json
Access-Control-Allow-Origin
https://www.casho.la
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
146
tracking
ghb.hb.selectmedia.asia/adunit/ Frame C3B2 		43 B
433 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/adunit/tracking?event=11&type=0&client_id=310028&site_id=13810&pbjsv=v7.37.3&full_page_url=https%3A%2F%2Fwww.casho.la&adid=16w3a8.zj&features=82016&vpbv=A165&tte=4253&lifecycle_tte=4261
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/HX2S5/hbw_master_310028_13810.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:56 GMT
Server
Adtelligent
Content-Type
image/gif
Access-Control-Allow-Origin
https://www.casho.la
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
43
trackv4
track-selectmedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1459&uuid=8b913869-20af-4cb1-919b-6170d4d567bc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.casho.la
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
date
Mon, 07 Aug 2023 18:11:56 GMT
referrer-policy
no-referrer-when-downgrade
via
1.1 google
/
onetag-sys.com/usync/ Frame 474C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=7f5d22b0006ab5a
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Zw4GL6aFpv7EIrJ3&instance=214862936&version=7.20.1&age=230807&ldt=NO_IMP&key=nydEIVUv&c_id=13327&seq=1&order=6&vIndex=0&absoluteTime=11501.2&relativeTime=8673.6&sm_id=2924987&visiblestatecd=I&soundcd=OFF&alt=0&sC_ID=8786&load=1&status=LVFNMNIY&ac_id=2008&adIndex=-1&DS=found
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-9-3.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
p
sb.scorecardresearch.com/ Frame A57D 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1691431909444&ns_st_ec=1&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=play&ns_st_po=0&ns_st_cl=207690&ns_st_pb=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2924987&ns_st_pt=0&ns_st_dpt=0&ns_st_ipt=0&ns_st_ap=0&ns_st_dap=0&ns_st_et=0&ns_st_det=0&ns_st_upc=0&ns_st_dupc=0&ns_st_iupc=0&ns_st_upa=0&ns_st_dupa=0&ns_st_iupa=0&ns_st_lpc=0&ns_st_dlpc=0&ns_st_lpa=0&ns_st_dlpa=0&ns_st_pa=0&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1691431916712&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_lt=7267&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Culture&c6=*null&c7=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&c8=&c9=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-113.fra56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:56 GMT
via
1.1 bb5a1c03f2335d92378a3e68542733da.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
Z8mOAb_MQ6TUrPc5-XlkWPkjcm1hv5lqP6wuSlt9Jj5a9Ga-Mi4vsw==
pixel
ap.lijit.com/ Frame 80CA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/pixel?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fsovrn%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Access-Control-Allow-Origin
*
Date
Mon, 07 Aug 2023 18:11:56 GMT
X-Sovrn-Pod
ad_ap4ams1
43646921-d1d4-4001-a4eb-1zz1691431910
csync.smilewanted.com/set_partner_userid_get/richaudience/ Frame 0ECC
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=ns9qrKJLKD&consentString=&r=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Frichaudience%2F%5BPDID%5D
  • https://csync.smilewanted.com/set_partner_userid_get/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
0
401 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f317c27f8711c9d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:56 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:53 GMT
location
https://csync.smilewanted.com/set_partner_userid_get/richaudience/43646921-d1d4-4001-a4eb-1zz1691431910
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
generic
match.adsrvr.org/track/cmf/ Frame 217B
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=smilewanted
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4561609198
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4561609198
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 07 Aug 2023 18:11:56 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 07 Aug 2023 18:11:56 GMT
etag
RX454fa167f27e4ceebc7e385eecb31b3a003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=4561609198
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
track
track1.aniview.com/ Frame F2E6 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://track1.aniview.com/track?r=www.casho.la&sn=&ic=0&tgt=0&app=&wi=462&he=360&test=&d36=6.2.121&apppkg=&fv=1&proto=https&clsid=67d1508f-ef8d-49cc-adaa-97bc2d6b3469&rando=98
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=5d8ccec528a0617cae5a0755
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.215.3.149 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-215-3-149.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Aug 2023 18:11:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
35b820c5-b7e0-52db-a8c3-b287cc12816b
csync.smilewanted.com/set_partner_userid_get/betweenx/ Frame A541
Redirect Chain
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}
  • https://ads.betweendigital.com/match?bidder_id=45128&callback_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbetweenx%2F${USER_ID}&crf=1&rts=-1471655547840064769
  • https://csync.smilewanted.com/set_partner_userid_get/betweenx/35b820c5-b7e0-52db-a8c3-b287cc12816b
0
476 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/betweenx/35b820c5-b7e0-52db-a8c3-b287cc12816b
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f317c29ab2c1c9d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
location
https://csync.smilewanted.com/set_partner_userid_get/betweenx/35b820c5-b7e0-52db-a8c3-b287cc12816b
29e7749d-bece-4a04-8a70-e55a2939fc66
https://www.casho.la/ 		5 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/29e7749d-bece-4a04-8a70-e55a2939fc66
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
3d3fff4a210d791bfd98347f39cf241cacfdbb3602b3319c6820c5a4160d8b5c

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
5431
Content-Type
application/javascript
07521015-34c2-435d-aa97-85490445928e
https://www.casho.la/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/07521015-34c2-435d-aa97-85490445928e
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1feb79de0dc55cd770e59b9f62f34da85a3f522f7b06c415218ecbb4df7f9686

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
78253
Content-Type
application/javascript
4dd8b338-5fcd-4fac-aad8-3e4e5ac2b483
https://www.casho.la/ 		76 KB
0 		Other
General
Check archive.org
Download Go to
Full URL
blob:https://www.casho.la/4dd8b338-5fcd-4fac-aad8-3e4e5ac2b483
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
BLOB
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
1feb79de0dc55cd770e59b9f62f34da85a3f522f7b06c415218ecbb4df7f9686

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Length
78253
Content-Type
application/javascript
track
servt.vidcrunch.com/ Frame A34E 		0
120 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://servt.vidcrunch.com/track?d=Chrome&cou=DE&cos=Windows&r=www.casho.la&rs=www.casho.la&sid=69926&t=1691431911&cip=80.255.7.104&sn=&tgt=0&osv=10&bv=115.0&brn=Chrome&wi=417&he=235&app=&AV_PUBLISHERID=62d0073a5831594d4e154ea4&test=&d64=0224bd9e1c7289ec0a4b5bc3a7ab0181&d63=0224bd9e1c7289ec0a4b5bc3a7ab0181&aafaid=&proto=https&uid=1691431911915-952078490909-001215-001-002451&cha=0.1&stagid=644b96f57dd612596d007c54&stplid=6464d20d35dbda87cc0d79ae&d35=&d36=6.2.121&cb=11826201867&d39=&d65=Active&d66=8.3.15&d74=&apppkg=&d9=1000&d37=realtime&pt=2&d66=8.3.15&d74=&stagid=644b96f57dd612596d007c54&stplid=6464d20d35dbda87cc0d79ae&cvid=646203de38ee91bfbb0e3193&cpid=63ece8e3ec8441ca06055982&str=autostart&cmssynd=%255B%255D&AV_WIDTH=462&AV_HEIGHT=260
Requested by
Host: player.aniview.com
URL: https://player.aniview.com/script/6.1/AVmanager.js?v=1.0&type=s&pid=62d0073a5831594d4e154ea4
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.90.59.157 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-54-90-59-157.compute-1.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
*
date
Mon, 07 Aug 2023 18:11:56 GMT
cache-control
max-age=0, no-cache, no-store
content-length
0
smwt256.gif
us.ck-ie.com/ Frame 1E6B 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smwt256.gif?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fbizzclick%2F%7B%24PARTNER_UID%7D
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 07 Aug 2023 18:11:57 GMT
Server
nginx
usermatchredir
ssum-sec.casalemedia.com/ Frame 4DF9 		43 B
632 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatchredir?s=189872&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Diex%26i%3D
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-cache
Connection
Keep-Alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:56 GMT
Expires
0
Keep-Alive
timeout=1, max=500
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
usersync
usersync.gumgum.com/ Frame AC88
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:56 GMT
Expires
0
Pragma
no-cache

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Mon, 07 Aug 2023 18:11:56 GMT Mon, 07 Aug 2023 18:11:56 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://usersync.gumgum.com/usersync?b=rth&i=0zEZpqla0Dxyke00P29J&pi=gumgum
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame E766
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: rtb.gumgum.com
URL: https://rtb.gumgum.com/usync/15581?r=https%3A%2F%2Fsync.e-planning.net%2Fum%3Fdc%3D1a6b1d3b3872943b%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://rtb.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:11:57 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Aug 2023 18:11:56 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
cookie
cm.adform.net/ Frame 43C0 		43 B
105 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fcsync.smilewanted.com%2Fset_partner_userid_get%2Fadform%2F%24UID
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
43
content-type
image/gif
date
Mon, 07 Aug 2023 18:11:56 GMT
server
nginx
1d41fe77cabbafcda93deed5caa6d1a7
csync.smilewanted.com/set_partner_userid_get/freewheel/ Frame 8D5C
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3602&gdpr=0&gdpr_consent=
  • https://csync.smilewanted.com/set_partner_userid_get/freewheel/1d41fe77cabbafcda93deed5caa6d1a7?gdpr_consent=&gdpr=0
0
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smilewanted.com/set_partner_userid_get/freewheel/1d41fe77cabbafcda93deed5caa6d1a7?gdpr_consent=&gdpr=0
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.10.198 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With
access-control-allow-methods
GET, POST, PUT, DELETE, OPTIONS
cf-cache-status
DYNAMIC
cf-ray
7f317c29db751c9d-FRA
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:57 GMT
server
cloudflare
vary
Accept-Encoding

Redirect headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
0
Date
Mon, 07 Aug 2023 18:11:56 GMT
Expires
Mon, 07 Aug 2023 18:11:56 GMT
Location
https://csync.smilewanted.com/set_partner_userid_get/freewheel/1d41fe77cabbafcda93deed5caa6d1a7?gdpr_consent=&gdpr=0
Pragma
no-cache
Server
nginx
x-sticky-vk
1691431916910055-589
v1
match.sharethrough.com/universal/ Frame 6202 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://match.sharethrough.com/universal/v1?supply_id=GmfSCHMu&gdpr=0&gdpr_consent=
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.193.126.37 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-193-126-37.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
usync.js
eus.rubiconproject.com/ Frame 1809 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25466
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Zw4GL6aFpv7EIrJ3&instance=214862936&version=7.20.1&age=230807&cmd=INV&key=nydEIVUv&c_id=13327&seq=1&order=7&vIndex=0&absoluteTime=11905.5&relativeTime=9077.9&alt=0&sC_ID=8786&sm_id=2924987&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&REF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&playerCfg=FL&playerType=FLOAT
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-9-3.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
stn_trk.gif
s2l.sendtonews.com/ 		26 B
186 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://s2l.sendtonews.com/stn_trk.gif?session=Zw4GL6aFpv7EIrJ3&instance=214862936&version=7.20.1&age=230807&cmd=PLAY&key=nydEIVUv&c_id=13327&seq=1&order=8&vIndex=0&absoluteTime=11906.2&relativeTime=9078.6&alt=0&sC_ID=8786&sm_id=2924987&load=1&status=LVFNMNIY&ac_id=2008&EXTREF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&REF=https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/&playerCfg=FL&playerType=FLOAT&pposition=float&floattype=s
Requested by
Host: embed.sendtonews.com
URL: https://embed.sendtonews.com/easy-stn-player/7.20.1/easy-stn-player.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.9.3 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-9-3.compute-1.amazonaws.com
Software
Apache/2.4.41 (Ubuntu) /
Resource Hash
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
last-modified
Wed, 23 Dec 2020 21:38:39 GMT
server
Apache/2.4.41 (Ubuntu)
accept-ranges
bytes
etag
"1a-5b72883b37f80"
content-length
26
content-type
image/gif
288
a.ad.gt/api/v1/u/matches/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.ad.gt/api/v1/u/matches/288?_it=amazon
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&ref=https%3A%2F%2Fwww.google.com%2F&_it=amazon&partner_id=288
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe2cd58230aa119f208add41c185f8022ba0ea768465aa42e2e41d772c95a8c0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
content-encoding
gzip
cf-cache-status
HIT
last-modified
Mon, 07 Aug 2023 18:07:25 GMT
server
cloudflare
age
272
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cross-origin-resource-policy
cross-origin
cf-ray
7f317c2afcf24db8-FRA
smw888.gif
us.ck-ie.com/ Frame FCCA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://us.ck-ie.com/smw888.gif?gdpr=0&gdpr_consent=&us_privacy={$USPrivacy}&coppa={$COPPA}&puid={$PARTNER_UID}
Requested by
Host: csync.smilewanted.com
URL: https://csync.smilewanted.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
8.2.108.194 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

Referer
https://csync.smilewanted.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Type
text/plain
Date
Mon, 07 Aug 2023 18:11:57 GMT
Server
nginx
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-VKSM81WPC3&gtm=45je3820&_p=330834980&cid=1849936587.1691431909&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1691431917&sct=1&seg=0&dl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dr=https%3A%2F%2Fwww.google.com%2F&dt=Cashola&en=page_view&_fv=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VKSM81WPC3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:57 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pubads.g.doubleclick.net/gampad/ Frame 6426 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pubads.g.doubleclick.net/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Fcasho.la_2.1&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1059784149220957&vpmute=0&mpt=stnvideo%2Fplayer&vpa=auto&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=1467340240&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.casho.la%2Fce0a57bf-bafc-4479-a732-f0928b6b08e5&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=6924&dt=1691431917265&cookie_enabled=1&scor=2733261693462395&ged=timeout
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
userx.20230801-7-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 494C 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230801-7-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
fabe4ca56fd1580b8e45ce2fb10a64278d692b9fbbbb661b1d55fed78c2fc1a3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
OakaCF5DkYcu7RCHlzVeQTicmP0rOhEr
content-encoding
gzip
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:57 GMT
x-amz-request-id
2M60Q6CSTFKGEBQ7
age
533118
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
5398
x-amz-id-2
gsQedyE68DTI/5JUVfvCzM+pERnIiATP3JHtFt28Eu6nIdsiC9LKYIlNtQt/2g+6gp8HxjPtFb0=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Tue, 01 Aug 2023 12:36:51 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691431917.436069,VS0,VE0
etag
"4726b8734ed11538b4330a04a40e09be"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
33
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
7680
abtests
am-trc-events.taboola.com/themonetizer-cashola/log/3/ Frame 494C 		0
231 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/themonetizer-cashola/log/3/abtests?route=AM:AM:V&lti=split-bugfix-v2_ctrl&ri=cfb2b2daa66e174bca74ebab70970f6a&sd=v2_2d17f3b7444e3060428469e102963589_121c88e6-f492-499c-a607-55874df4c08f-tuctbcab96b_1691431915_1691431915_CIi3jgYQrZpZGM2iy4mdMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABog4mFjq2K96socAA&ui=121c88e6-f492-499c-a607-55874df4c08f-tuctbcab96b&pi=/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon&wi=3683420008944273044&pt=text&vi=1691431915853&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1691431917414%7D&tim=18%3A11%3A57.414&id=8170&llvl=2&cv=20230801-7-RELEASE&
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
userx.20230802-16-RELEASE.es6.js
cdn.taboola.com/libtrc/ Frame 5E3B 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/libtrc/userx.20230802-16-RELEASE.es6.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/themonetizer-network/loader.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
27df41a622e2878aa94077bc3feacce6960f86d938d28032b33482c6964effea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
61OrEaTXcE_FvN6e9aOg9470MYeCptZf
content-encoding
gzip
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:57 GMT
x-amz-request-id
B840CM7A8EW88AGE
age
110636
x-amz-server-side-encryption
AES256
x-cache
HIT
x-amz-replication-status
PENDING
content-length
5398
x-amz-id-2
Yv1vsPYYFqT43ySxE0HPq0ucy0qz3WieLm+wHPTYI7K+Mz0DLNN9MSXH7qyYaTarozFfx0K+1H4=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Sun, 06 Aug 2023 11:28:01 GMT
server
AmazonS3
x-tbl-debug
bestatus=200,beresp=OK
x-timer
S1691431918.539153,VS0,VE0
etag
"8fcddfffbae4f07cb599ed2990b3dfc6"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
abp
13
access-control-allow-origin
*
cache-control
private,max-age=2629743
accept-ranges
bytes
x-cache-hits
33097
fix-user-id
trc.taboola.com/themonetizer-cashola/log/3/ Frame 5E3B 		0
286 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/themonetizer-cashola/log/3/fix-user-id?lti=deflated&ri=b26340f5abf0b0b8c8b8e9cac375d6b8&sd=v2_a3e1951de5b86964828757063de44567_d008b7c9-3e0c-4302-8d24-1f1f8501e6d5-tuctbcab96c_1691431916_1691431916_CIi3jgYQrZpZGM2iy4mdMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABog4mFjq2K96socAA&ui=d008b7c9-3e0c-4302-8d24-1f1f8501e6d5-tuctbcab96c&pi=/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon&wi=3683420008944273044&pt=text&vi=1691431915853&time=1691431917507&fromUser=121c88e6-f492-499c-a607-55874df4c08f-tuctbcab96b&toUser=d008b7c9-3e0c-4302-8d24-1f1f8501e6d5-tuctbcab96c&fromSD=v2_2d17f3b7444e3060428469e102963589_121c88e6-f492-499c-a607-55874df4c08f-tuctbcab96b_1691431915_1691431915_CIi3jgYQrZpZGM2iy4mdMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABog4mFjq2K96socAA&toSD=v2_a3e1951de5b86964828757063de44567_d008b7c9-3e0c-4302-8d24-1f1f8501e6d5-tuctbcab96c_1691431916_1691431916_CIi3jgYQrZpZGM2iy4mdMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABog4mFjq2K96socAA&tim=18%3A11%3A57.507&id=8256&llvl=2&cv=20230802-16-RELEASE&
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
9
date
Mon, 07 Aug 2023 18:11:57 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
8600
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230058-FRA
pragma
no-cache
server
nginx
x-timer
S1691431918.541284,VS0,VE9
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
abtests
am-trc-events.taboola.com/themonetizer-cashola/log/3/ Frame 5E3B 		0
230 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://am-trc-events.taboola.com/themonetizer-cashola/log/3/abtests?route=AM:AM:V&lti=deflated&ri=b26340f5abf0b0b8c8b8e9cac375d6b8&sd=v2_a3e1951de5b86964828757063de44567_d008b7c9-3e0c-4302-8d24-1f1f8501e6d5-tuctbcab96c_1691431916_1691431916_CIi3jgYQrZpZGM2iy4mdMSABKAEwODib4wlAiYoQSMr63gNQ____________AVgAYABog4mFjq2K96socAA&ui=d008b7c9-3e0c-4302-8d24-1f1f8501e6d5-tuctbcab96c&pi=/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon&wi=3683420008944273044&pt=text&vi=1691431915853&d=%7B%22abTestsEventType%22%3A%22simple%22%2C%22name%22%3A%22block_clicks_init%22%2C%22type%22%3A%22block-clicks-manager%22%2C%22eventTime%22%3A1691431917517%7D&tim=18%3A11%3A57.517&id=2156&llvl=2&cv=20230802-16-RELEASE&
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:57 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
cmp2ui-en.js
cmp.quantcast.com/tcfv2/47/ 		248 KB
61 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/47/cmp2ui-en.js
Requested by
Host: cmp.quantcast.com
URL: https://cmp.quantcast.com/tcfv2/cmp2.js?referer=casho.la
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8c00:9:46dc:4700:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 12:50:39 GMT
content-encoding
br
via
1.1 449f2b51e83bf8ba5fa5e65ce60bc276.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
19279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-storage-class
INTELLIGENT_TIERING
cross-origin-resource-policy
cross-origin
last-modified
Wed, 19 Jul 2023 15:20:10 GMT
server
AmazonS3
etag
W/"556bc7ca21432cc0628ff6f67a5e09bc"
access-control-max-age
604800
access-control-allow-methods
GET
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=172800
vary
Accept-Encoding
x-amz-cf-id
8ba5AjbG6skcWs44ia1f5K469S7ugHqvUrU2P0r0uXe7EnK52RFGjA==
vendor-list-trimmed-v1.json
cmp.quantcast.com/GVL-v2/ 		358 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/GVL-v2/vendor-list-trimmed-v1.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8c00:9:46dc:4700:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
9cf74b82f5a4ffa0d9c4809d40c0dde44cc6ec8b3952acf697f435e6a4d90526

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 03:00:37 GMT
content-encoding
br
via
1.1 e6b325a976b10aa826ec63757afbdeda.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
54681
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 07 Aug 2023 03:00:35 GMT
server
AmazonS3
etag
W/"a9e8c3c0f2738a6d8ba655178c0724ec"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=86400
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
6p7xbxjw0PCtDzdx-0PsFWx5sBLAS_v73Dp7ruyZtofWKDoa_Ho2nA==
9.gif
id5-sync.com/i/12/ 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id5-sync.com/i/12/9.gif?gdpr=true&gdpr_consent=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.117 Frankfurt am Main, Germany, ASN16276 (OVH, FR),
Reverse DNS
ns31533568.ip-162-19-138.eu
Software
/
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif;charset=UTF-8
date
Mon, 07 Aug 2023 18:11:57 GMT
strict-transport-security
max-age=63072000; includeSubDomains; preload
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
transfer-encoding
chunked
p3p
CP="CAO PSA OUR"
/
serv-selectmedia.com/serving_v3/ 		39 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://serv-selectmedia.com/serving_v3/?channelid=369b143f-4399-436e-af95-ed955e53c2da&height=250&publisherid=ab0ce547-61a7-4bf0-ad2d-83f74bfa3917&tagid=tag_fb4756ee-62d7-477c-b298-68bce67d05b2&templateid=f6b3eb87-2011-41e7-beab-d9c8a37181a2&width=300&domain=casho.la&hostname=casho.la&url=casho.la&cb=1691431917564-d24b0216-7e4b-473d-a867-2f944252e253&is_desktop=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.107.214.50 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
50.214.107.34.bc.googleusercontent.com
Software
/
Resource Hash
0f8cc5ca5c6cd36363867d264da5ea73e8f966c627cd6d6b07a3c8037210eb62

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
content-encoding
gzip
via
1.1 google
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
pragma
no-cache
x-accel-expires
0
vary
Accept-Encoding
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
expires
Thu, 01 Jan 1970 00:00:00 UTC
google-atp-list.json
cmp.quantcast.com/tcfv2/ 		139 KB
33 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cmp.quantcast.com/tcfv2/google-atp-list.json
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2190:8c00:9:46dc:4700:93a1 , United States, ASN (),
Reverse DNS
Software
AmazonS3 /
Resource Hash
617238fac0798f7ca26e363ecd0e29caea274ec56c4109071a27052f5bcfc921

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 12:50:39 GMT
content-encoding
br
via
1.1 e6b325a976b10aa826ec63757afbdeda.cloudfront.net (CloudFront)
x-amz-cf-pop
ZRH50-C1
age
19279
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Mon, 07 Aug 2023 03:00:26 GMT
server
AmazonS3
etag
W/"e91aaedeb5e41dd3b9c59b776e7cec62"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=172800
access-control-allow-credentials
true
vary
Accept-Encoding,Access-Control-Request-Headers,Access-Control-Request-Method
x-amz-cf-id
jUpLpjz8jGqQI_x3MSAl--FCvVNAdcYLdBKJsulGb8oiCuPOxXh1VQ==
video.m3u8
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		9 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video.m3u8
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
6532fd2e1b8fa0e2427b3be9158469cef846655d968f69c8956f3cd9b7068aff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
content-encoding
gzip
cdn-edgestorageid
1075
cdn-storageserver
DE-676
cdn-cachedat
07/21/2023 22:44:01
cdn-pullzone
829957
last-modified
Tue, 11 Jul 2023 21:54:31 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
638
cdn-requestpullcode
206
cdn-proxyver
1.04
vary
Accept-Encoding
content-type
application/vnd.apple.mpegurl
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=30
cdn-requestid
2db3ef5a634910532a80960e99060cf0
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
usync.js
eus.rubiconproject.com/ Frame E766 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:11:57 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25466
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 4A39 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=LL16VXOA-J-28RP
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
5b959e9b7aef6dd90a6fa539ca64ac62
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
fb5654b1-ec70-479c-913e-b28ae539c9b8_1000x600_39484071f5f311c16b65c11946fa2fd9.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/ Frame 494C 		13 KB
14 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/fb5654b1-ec70-479c-913e-b28ae539c9b8_1000x600_39484071f5f311c16b65c11946fa2fd9.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c339e455fc86a2a8220fc39af43aca3f7a09b193a7ab7ddf534320a8c67587f9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 07 Aug 2023 18:11:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_212%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/https%3A//console.brax-cdn.com/creatives/a6cb1edf-85ae-42d3-8ce3-0c3ef2d08771/fb5654b1-ec70-479c-913e-b28ae539c9b8_1000x600_39484071f5f311c16b65c11946fa2fd9.png
age
1633395
edge-cache-tag
388255322510993349651251668851792528111,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
cache-tag
388255322510993349651251668851792528111,484736702292238939275415265588739935819,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, MISS, MISS, HIT, HIT
x-envoy-upstream-service-time
419
expiration
expiry-date="Sat, 12 Aug 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://audiotools.in/
content-length
13470
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb202
x-served-by
cache-iad-kjyo7100071-IAD, cache-iad-kjyo7100049-IAD, cache-sna10731-LGB, cache-iad-kjyo7100057-IAD, cache-fra-eddf8230058-FRA
last-modified
Wed, 12 Jul 2023 07:57:35 GMT
server
nginx
x-timer
S1691431918.743438,VS0,VE1
etag
"482a908c8e1a447cc8ef05fb40b2580a"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 0, 0, 27, 1
4b8d408108fa08b927d929a0dcb72afb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5E3B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b8d408108fa08b927d929a0dcb72afb.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c596167891ba8fd4af1f60f5674a0dac31f9c071e7243dc2ce19b7a45c6a9122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 07 Aug 2023 18:11:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b8d408108fa08b927d929a0dcb72afb.png
age
3904511
edge-cache-tag
420877105570147341183872535332387780579,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
420877105570147341183872535332387780579,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
99
expiration
expiry-date="Tue, 27 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://video-facts.com/
content-length
4856
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100121-IAD, cache-sna10721-LGB, cache-iad-kcgs7200152-IAD, cache-fra-eddf8230058-FRA
last-modified
Sat, 27 May 2023 13:03:42 GMT
server
nginx
x-timer
S1691431918.743465,VS0,VE1
etag
"6622e5f6a65b790231a824cf1f8befba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 123, 1
d43e66d3849e39134911c0b623509101.jpg
images.taboola.com/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_991,y_558/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5E3B 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_991,y_558/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d43e66d3849e39134911c0b623509101.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2591fedb2ade7c9541ed5ff9b6d19c0c12a194498a66f5a03d5406d560b2c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
1
date
Mon, 07 Aug 2023 18:11:57 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_991,y_558/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d43e66d3849e39134911c0b623509101.jpg
age
2883705
edge-cache-tag
416209574060412545633386855088830631698,443966713261775401917611379033100704273,29ecf9b93bbf306179626feeda1fab70
cache-tag
416209574060412545633386855088830631698,443966713261775401917611379033100704273,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
98
content-length
17636
x-request-id
85ed5e94ca8741f08bb798a946a7640e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kiad7000105-IAD, cache-chi-kigq8000137-CHI, cache-iad-kcgs7200077-IAD, cache-fra-eddf8230058-FRA
last-modified
Sat, 17 Jun 2023 13:40:10 GMT
server
nginx
x-timer
S1691431918.743647,VS0,VE1
etag
"5186f4b9889773e515ff645a0c1ade2f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 294, 1
collect
q.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:11:57 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
PugMaster
image6.pubmatic.com/AdServer/ Frame E9C7 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=80223940&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
80cb59e27335c57232d7a56bac7b6fdc290196a02f76decc55106f04ebd25ed9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
AGSKWxXcz4hdVWE69uqRklRW51fz-p3MgZV38ZlUQl5swNGcSUH3YcdVv0VThrY8bxiLTapiyIsCSwFpo_Q5r3WHycwBJshsH_bI-RaIYjbwKcwK7CI8YCisdP8ObMIEtUQ4CNY7u4--8w==
fundingchoicesmessages.google.com/f/ 		490 KB
69 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://fundingchoicesmessages.google.com/f/AGSKWxXcz4hdVWE69uqRklRW51fz-p3MgZV38ZlUQl5swNGcSUH3YcdVv0VThrY8bxiLTapiyIsCSwFpo_Q5r3WHycwBJshsH_bI-RaIYjbwKcwK7CI8YCisdP8ObMIEtUQ4CNY7u4--8w==?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjkxNDMxOTE3LDc3ODAwMDAwMF0sbnVsbCxudWxsLG51bGwsW251bGwsWzddXSwiaHR0cHM6Ly93d3cuY2FzaG8ubGEvam9lLWJpZGVuLWhpbnRzLWEtcG90ZW50aWFsLXRheC1oaWtlLW9uLW9pbC1jb21wYW5pZXMtdmVyeS1zb29uLyIsbnVsbCxbWzgsIlNKZTdRcFpaeENJIl0sWzksImRlIl0sWzE5LCIxIl1dXQ
Requested by
Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.SJe7QpZZxCI.es5.O/d=1/rs=AJlcJMxV97U_3ZGMc-5eavsR6r9YXxXR5g/m=kernel_loader,loader_js_executable
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
bc212da267f8efd62f53ee1e69133fc56278295771d7b8a3631c98e971587b68
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-HyxkEpKKSBdejZqd5TK8FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
content-security-policy
script-src 'report-sample' 'nonce-HyxkEpKKSBdejZqd5TK8FQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'unsafe-inline' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.googletagmanager.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport/allowlist, require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
pragma
no-cache
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-WoW64, Sec-CH-UA-Form-Factor, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy
same-origin
server
ESF
vary
Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-frame-options
SAMEORIGIN
content-type
application/javascript; charset=utf-8
cache-control
no-cache, no-store, max-age=0, must-revalidate
permissions-policy
ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-form-factor=*, ch-ua-platform=*, ch-ua-platform-version=*
timing-allow-origin
*
expires
Mon, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame C7A7 		0
0
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ 		190 B
395 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 07 Aug 2023 18:41:58 GMT
/
track-selectmedia.com/trackv4/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d19=10&d2=1691431800&d20=115.0.5790&d23=tag_fb4756ee-62d7-477c-b298-68bce67d05b2&d24=369b143f-4399-436e-af95-ed955e53c2da&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=ab0ce547-61a7-4bf0-ad2d-83f74bfa3917&d4=c8bd22b8-f174-44f5-b704-9cc38998ea65&d5=casho.la&d8=1&d9=Windows&channelkey=dHMxPWM4YmQyMmI4LWYxNzQtNDRmNS1iNzA0LTljYzM4OTk4ZWE2NSZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=1459&d33=20&d34=450&d35=1&d36=0&d37=0&d38=0&d40=8&d26=462x260&d27=0&cb=1691431917889-ece64db8-d51d-456b-8441-de1aa982ef80&e=1
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
track-selectmedia.com/trackv4/ 		0
45 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://track-selectmedia.com/trackv4/?d10=DE&d12=Chrome&d14=250X300&d19=10&d2=1691431800&d20=115.0.5790&d23=tag_fb4756ee-62d7-477c-b298-68bce67d05b2&d24=369b143f-4399-436e-af95-ed955e53c2da&d25=f6b3eb87-2011-41e7-beab-d9c8a37181a2&d3=ab0ce547-61a7-4bf0-ad2d-83f74bfa3917&d4=c8bd22b8-f174-44f5-b704-9cc38998ea65&d5=casho.la&d8=1&d9=Windows&channelkey=dHMxPWM4YmQyMmI4LWYxNzQtNDRmNS1iNzA0LTljYzM4OTk4ZWE2NSZ0czI9MSZ0czM9MiZ0czQ9MC42&d28=1459&d33=20&d34=450&d35=1&d36=0&d37=0&d38=0&d40=8&cb=1691431917889-09cfeb04-1884-4e56-aa99-ff714f778936&e=36
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
config
c.amazon-adsystem.com/cdn/prod/ Frame A0A9 		3 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.casho.la&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
ea4b9ce172dd2eb9c971157b295d7f0290f06aa4e56cfd645ce8db388d3039da

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
via
1.1 910a343c3141ba3fe805e18bded62490.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://www.casho.la
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
content-length
3533
x-amz-cf-id
nbzaLGSsEb8jA3I8nW1Uo0N3Y06kDKMZyby7TumfnvgMRWfhgjGn-A==
1634065213_mercedes-wind1.ts
cdn.globalsun.io// 		825 KB
826 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.globalsun.io//1634065213_mercedes-wind1.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
94e0be6f0a2d21e466af23200b65b6a235f15150671133d60850fb6508ca8e29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:57 GMT
x-cache
HIT
x-77-cache
HIT
x-age
880481
x-accel-date
1690551436
content-length
844308
x-77-nzt
AcO1qhH3qDX/YW8NAA
x-accel-expires
@1691588236
last-modified
Tue, 12 Oct 2021 19:00:13 GMT
server
CDN77-Turbo
etag
"ce214-5ce2c748f8940"
x-77-nzt-ray
4c156224145989daed33d164a3855639
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.casho.la
accept-ranges
bytes
video0.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		153 KB
154 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video0.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
63b845e7046f874ba4d1faf8fd80cbea6e86f31b70dbe63bccb58e5e00a60635

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
cdn-edgestorageid
865
cdn-storageserver
DE-167
cdn-cachedat
07/06/2023 22:32:17
cdn-pullzone
829957
content-length
156604
last-modified
Mon, 09 Jan 2023 09:55:04 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
525
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
699eedc586c8199359414cae61a468df
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
dsp
hhkld.com/logs/event/ 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105507&tids=30559&v=20&cb=1691431917953
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:57 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 3C37 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524510
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame CA19 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2140
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
tweet-result
cdn.syndication.twimg.com/ Frame B1F7 		1 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.syndication.twimg.com/tweet-result?features=tfw_timeline_list%3A%3Btfw_follower_count_sunset%3Atrue%3Btfw_tweet_edit_backend%3Aon%3Btfw_refsrc_session%3Aon%3Btfw_fosnr_soft_interventions_enabled%3Aon%3Btfw_mixed_media_15897%3Atreatment%3Btfw_experiments_cookie_expiration%3A1209600%3Btfw_show_birdwatch_pivots_enabled%3Aon%3Btfw_duplicate_scribes_to_settings%3Aon%3Btfw_use_profile_image_shape_enabled%3Aon%3Btfw_video_hls_dynamic_manifests_15082%3Atrue_bitrate%3Btfw_legacy_timeline_sunset%3Atrue%3Btfw_tweet_edit_frontend%3Aon&id=1587254966309240841&lang=en
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/embed/embed.8601.9934bea25cda9d7ebe46.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
tsa_f / Express
Resource Hash
f9a5a91bcdb62adc4081cc1d884a77e9f49c953fa3a1b46b19963cd73fd022c9
Security Headers
Name Value
Content-Security-Policy connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-security-policy
connect-src 'self'; default-src 'self'; frame-src 'self'; font-src 'self'; form-action 'self'; img-src 'self'; media-src 'self'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://twitter.com/i/csp_report?a=O5RXE%3D%3D%3D&ro=false
content-encoding
gzip
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=631138519
x-powered-by
Express
server-timing
x-cache;desc= ,x-tw-cdn;desc=VZ
x-xss-protection
0
x-response-time
124
server
tsa_f
etag
W/"41b-1EiZ4QcktNK6txVyK4FixhGLYyI"
vary
Accept-Encoding, Accept-Language
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
x-transaction-id
a2f523de767f74ae
cache-control
must-revalidate, max-age=60
access-control-allow-credentials
true
perf
7626143928
x-connection-hash
6584c3779e62c743d0714ff52de9854ff9073e05a86a4c75086b34befe8b05ff
x-frame-options
SAMEORIGIN
x-tw-cdn
VZ, VZ, VZ
access-contol-allow-origin
platform.twitter.com
dt
dt.adsafeprotected.com/ 		43 B
215 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931034&asId=aa5a4f7f-6067-a2f1-9538-2ab430a49491&tv=%7Bc:kD7uau,time:10787,type:e,env:%7Bnr_p:5%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:10787,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:909,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1600.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B9900~0%5D,as:%5B9900~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:756,fm:tMgXUlV+1*.931034%7C11%7C12%7C13%7C14%7C15,idMap:1*,rmeas:1,rend:0,renddet:na,siq:910,sis:1791%7D&br=c
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1be6:f1b0:79a9:85e7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
server
nginx
x-server-name
dt23.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
/
audit-tcfv2.cmp.quantcast.com/ 		2 B
101 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://audit-tcfv2.cmp.quantcast.com/?log=%7B%22accountId%22%3A%22Hwnr8j7tWA3Nu%22%2C%22domain%22%3A%22www.casho.la%22%2C%22publisher%22%3A%22casho.la%22%2C%22cmpId%22%3A10%2C%22cmpVersion%22%3A%222.47%22%2C%22displayType%22%3A%22tcfui%3Amandatory%22%2C%22configurationHashCode%22%3A%22WPMGkhtdMG7uM97%2Fw28IUQ%22%2C%22clientTimestamp%22%3A1691431918026%2C%22operationType%22%3A%22init%22%2C%22sessionId%22%3A%22GDPR-r6twsg500i7ygcdfs5rx%22%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.127.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-127-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3

Request headers

Accept
application/json, text/plain, */*
Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Aug 2023 18:11:58 GMT
content-length
2
content-type
text/plain; charset=utf-8
bid
aax.amazon-adsystem.com/e/dtb/ Frame A0A9 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=WjIBxhAQHOv0e&cb=0&ws=0x0&v=23.725.1446&t=8000&slots=%5B%7B%22fc%22%3A%22USD%22%2C%22fp%22%3A75%2C%22id%22%3A%22SM_NEW_640_480%22%2C%22mt%22%3A%22v%22%2C%22s%22%3A%5B%22464x261%22%5D%7D%5D&pubid=2161fdc2-157c-4dc8-be6d-a5f74dacc2ef&gdprl=%7B%22status%22%3A%22tcfv2-timeout%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 ca6974974a9175b71fb6a84145111ed2.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
431N74SD7KCK2S6Z5FVW
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
us0XK3mu9YLXAaRxuWccyNR6hSKWtMAQvjKSNluhK2ggO5IKeXEH6w==
4b8d408108fa08b927d929a0dcb72afb.png
images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5E3B 		5 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b8d408108fa08b927d929a0dcb72afb.png
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c596167891ba8fd4af1f60f5674a0dac31f9c071e7243dc2ce19b7a45c6a9122

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 07 Aug 2023 18:11:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/f_jpg%2Cq_auto%2Ch_300%2Cw_360%2Cc_fill%2Cg_faces:auto%2Ce_sharpen/http%3A//cdn.taboola.com/libtrc/static/thumbnails/4b8d408108fa08b927d929a0dcb72afb.png
age
3904511
edge-cache-tag
420877105570147341183872535332387780579,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
cache-tag
420877105570147341183872535332387780579,378062374120670061586147602817864504244,29ecf9b93bbf306179626feeda1fab70
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
99
expiration
expiry-date="Tue, 27 Jun 2023 00:00:00 GMT", rule-id="delete fetch for taboola after 30 days"
req-referer
https://video-facts.com/
content-length
4856
x-backend-name
LA_DIR:3FP7YNX3LMizprTZsG7BSW--F_LA_nlb201
x-served-by
cache-iad-kjyo7100114-IAD, cache-iad-kjyo7100121-IAD, cache-sna10721-LGB, cache-iad-kcgs7200152-IAD, cache-fra-eddf8230058-FRA
last-modified
Sat, 27 May 2023 13:03:42 GMT
server
nginx
x-timer
S1691431918.119692,VS0,VE0
etag
"6622e5f6a65b790231a824cf1f8befba"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 123, 2
d43e66d3849e39134911c0b623509101.jpg
images.taboola.com/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_991,y_558/http%3A//cdn.taboola.com/libtrc/static/thumbnails/ Frame 5E3B 		17 KB
18 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://images.taboola.com/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_991,y_558/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d43e66d3849e39134911c0b623509101.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
c2591fedb2ade7c9541ed5ff9b6d19c0c12a194498a66f5a03d5406d560b2c4a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-vcl-time-ms
0
date
Mon, 07 Aug 2023 18:11:58 GMT
via
1.1 varnish, 1.1 varnish
x-debug
/taboola/image/fetch/h_300,w_360,c_fill,g_xy_center,x_991,y_558/http%3A//cdn.taboola.com/libtrc/static/thumbnails/d43e66d3849e39134911c0b623509101.jpg
age
2883705
edge-cache-tag
416209574060412545633386855088830631698,443966713261775401917611379033100704273,29ecf9b93bbf306179626feeda1fab70
cache-tag
416209574060412545633386855088830631698,443966713261775401917611379033100704273,29ecf9b93bbf306179626feeda1fab70
status
200 OK
x-cache
MISS, HIT, MISS, HIT, HIT
x-envoy-upstream-service-time
98
content-length
17636
x-request-id
85ed5e94ca8741f08bb798a946a7640e
x-backend-name
CH_DIR:3FP7YNX3LMizprTZsG7BSW--F_CH_nlb801
x-served-by
cache-iad-kiad7000156-IAD, cache-iad-kiad7000105-IAD, cache-chi-kigq8000137-CHI, cache-iad-kcgs7200077-IAD, cache-fra-eddf8230058-FRA
last-modified
Sat, 17 Jun 2023 13:40:10 GMT
server
nginx
x-timer
S1691431918.119678,VS0,VE0
etag
"5186f4b9889773e515ff645a0c1ade2f"
x-ratelimit-remaining
100
vary
ImageFormat
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=31536000
x-ratelimit-reset
1
x-ratelimit-limit
101
accept-ranges
bytes
timing-allow-origin
*
access-control-allow-headers
X-Requested-With
x-cache-hits
0, 1, 0, 294, 2
Pug
image2.pubmatic.com/AdServer/ Frame D142
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5959916048236780741
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5959916048236780741
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=5959916048236780741
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 4B26 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.7.11 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 18:11:58 GMT
expires
Mon, 07 Aug 2023 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
187791
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
Pug
image2.pubmatic.com/AdServer/ Frame BB13
Redirect Chain
  • https://p.rfihub.com/cm?pub=224&in=1&getuid=https%3A//image2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw%26piggybackCookie%3D%24UID%26gdpr%3D0%26gdpr_consent%3D
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829258782300
42 B
195 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829258782300
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Content-Length
0
Date
Mon, 07 Aug 2023 18:11:58 GMT
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3MzkmdGw9MTI5NjAw&piggybackCookie=5107433829258782300
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Server
Jetty(9.4.51.v20230217)
dcm
aax-eu.amazon-adsystem.com/s/ Frame 6D03 		43 B
855 B 		Document
General
Check archive.org
Download Go to
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=4bd6ceca-c698-4782-a536-f380f757484c&id=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.94.222.140 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:58 GMT
Expires
Thu, 01 Jan 1970 00:00:00 GMT
Pragma
no-cache
Server
Server
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Vary
Content-Type,Accept-Encoding,User-Agent
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
x-amz-rid
MVGVS9KGXR9GX21VX859
Pug
image2.pubmatic.com/AdServer/ Frame CF97
Redirect Chain
  • https://cms.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY
42 B
438 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
date
Mon, 07 Aug 2023 18:11:58 GMT
expires
Fri, 04 Aug 1978 12:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
pragma
no-cache
strict-transport-security
max-age=86400
Pug
simage2.pubmatic.com/AdServer/ Frame A17A
Redirect Chain
  • https://ib.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730477144318325021&gdpr=0&gdpr_consent=
42 B
447 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730477144318325021&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
access-control-allow-credentials
true
access-control-allow-origin
*
an-x-request-uuid
a9f3843a-3f23-4369-9ee6-fd7a5f5b1f1c
cache-control
no-store, no-cache, private
content-length
0
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:11:58 GMT
expires
Sat, 15 Nov 2008 16:00:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=5730477144318325021&gdpr=0&gdpr_consent=
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
pragma
no-cache
server
nginx/1.21.3
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
csync
sync.adtelligent.com/ Frame 2D66 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=558003&extuid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:11:58 GMT
Etag
98bc15074146f0fd
Server
Adtelligent
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame E9C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=tAUkWaPhT6ixHguCJpx6HA%3D%3D&gdpr=0&gdpr_consent=
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
23.32.184.192 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-32-184-192.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
content-encoding
gzip
last-modified
Tue, 11 Jul 2023 09:39:35 GMT
server
Apache
vary
Accept-Encoding
content-type
text/html
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control
max-age=142509
accept-ranges
bytes
content-length
5606
expires
Wed, 09 Aug 2023 09:47:07 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=&gdpr=0&gdpr_consent=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
qmap
sync.crwdcntrl.net/ Frame E9C7 		49 B
266 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.247.118.8 , Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-247-118-8.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
image/gif
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
*
cache-control
no-cache
x-server
10.45.22.217
content-length
49
expires
0
ids
idsync.frontend.weborama.fr/ Frame E9C7
Redirect Chain
  • https://cr.frontend.weborama.fr/cr?key=pubmatic&gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fidsync.frontend.weborama.fr%2Fids%3Fkey%3Dpubmatic%26value%3D%23PM_USER_ID&gdpr=0
  • https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
0
17 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H3
Server
34.111.131.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.131.111.34.bc.googleusercontent.com
Software
Weborama Collect Frontend /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
via
1.1 google
last-modified
Mon, 07 Aug 2023 18:11:58 GMT
server
Weborama Collect Frontend
vary
Origin
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 03 Jul 2001 06:00:00 GMT

Redirect headers

location
https://idsync.frontend.weborama.fr/ids?key=pubmatic&value=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
date
Mon, 07 Aug 2023 18:11:57 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
p
a.audrte.com/ Frame E9C7
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
  • https://cm.g.doubleclick.net/pixel?google_nid=ar101281&google_hm=ZWkweWZJMnlScUVSQ21KbTVlc0RibkxYZw==&google_redir=https%3A%2F%2Fa.audrte.com%2Fddp%3Fred%3DeyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL...
  • https://a.audrte.com/ddp?red=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbeyJuYW1lIjoiYWRmb3JtIn1dfQ%3D%3D&gdpr=0&gdpr_consent=
  • https://dmp.adform.net/serving/cookie/match/?party=1003&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D&gdpr=0&gdpr_consent=
  • https://a.audrte.com/a?adform_uid=4253700080408965155&r=eyJ1IjoiaHR0cHM6Ly9hLmF1ZHJ0ZS5jb206NDQzL3AiLCJkIjpbXX0%3D
  • https://a.audrte.com/p
68 B
424 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Protocol
HTTP/1.1
Server
52.23.97.211 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-52-23-97-211.compute-1.amazonaws.com
Software
nginx/1.22.1 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:04 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Mon, 07 Aug 2023 18:12:03 GMT
Server
nginx/1.22.1
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Access-Control-Allow-Origin
*
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
Pug
image2.pubmatic.com/AdServer/ Frame E9C7
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBWDxylDhhIbGn_qkq-qF0g&google_cver=1
42 B
348 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBWDxylDhhIbGn_qkq-qF0g&google_cver=1
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:56 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEBWDxylDhhIbGn_qkq-qF0g&google_cver=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame E9C7 		43 B
612 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.91.62.186 Groningen, Netherlands, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
186.62.91.34.bc.googleusercontent.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Sun, 06 Aug 2023 18:11:58 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame E9C7
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4253700080408965155
42 B
242 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4253700080408965155
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:58 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
GET
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&gdpr=0&gdpr_consent=&piggybackCookie=4253700080408965155
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
generic
match.adsrvr.org/track/cmf/ Frame E9C7 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 		197 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:23:24 GMT
server
Apache
etag
"31332-5eaee9adb933b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
59461
expires
Mon, 07 Aug 2023 18:26:58 GMT
optimus_rules.json
tags.crwdcntrl.net/lt/c/15238/ Frame F47C 		155 B
649 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/15238/optimus_rules.json
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Aug 2023 11:15:12 GMT
via
1.1 980059f199bdd603b925d049efedf130.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C1
age
25007
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
content-length
155
last-modified
Wed, 31 May 2023 20:08:40 GMT
server
AmazonS3
etag
"1a1722e9cedbdc8af0dcd3345e46c73a"
vary
Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods
GET
content-type
application/json
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
x-amz-cf-id
BrJ-XMjzT2TUh3L3tV1ZygVAMtwXFG5L8KPUzgyybjZUBVtCa5dANA==
prebid
ib.adnxs.com/ut/v3/ 		471 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
50e1a9f6eac8ee819df2e16bd10c90344c49b271b77c6235592c525886577588
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
an-x-request-uuid
42eb7e8a-203b-4de8-b781-e668f41f03ba
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
471
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cdb
bidder.criteo.com/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=136&profileId=185&av=36&wv=8.3.0&cb=66393481660
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
arj
underdogmedia-d.openx.net/w/1.0/ 		191 B
198 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://underdogmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=%2C%2C%2C&nocache=1691431918353&gdpr=0&us_privacy=1---&pubcid=3146f6fc-3abb-4d61-88f5-4c3e446061c4&schain=1.0%2C1!udmserve.net%2C2751%2C1%2C%2C%2C&aus=728x90%7C300x250%7C160x600%7C300x600&divids=slider-middle-728x90%2Cslider-300x250%2Cslider-160x600%2Cslider-300x600&aucs=slider-middle-728x90%2Cslider-300x250%2Cslider-160x600%2Cslider-300x600&auid=558951699%2C558951700%2C558951701%2C558951703&aumfs=120%2C120%2C120%2C120
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
1cd0aa1ce370d6b57ef4ed20b1d444f64c5b50de517fb62aa86bdf9d67a12371

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.casho.la
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
175
expires
Mon, 26 Jul 1997 05:00:00 GMT
tag
btloader.com/ Frame A0A9
Redirect Chain
  • https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
  • https://btloader.com/tag?o=5409916045492224&upapi=true
15 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?o=5409916045492224&upapi=true
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Server
2606:4700:20::681a:78b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
764bf64fac9ce662419cbe397bc356820b13b046e7c2408f24d0b491791f83ad

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
via
1.1 google
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 07 Aug 2023 17:48:51 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1244
etag
W/"d2be7e6de9c4a66c23354b98cbd4d4de"
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HmdoYZOijl9vM11tWZLnNTtDnp%2FNJ0tIBaGR0DOb33yp9o1Ot3mYvS8%2Frnh0QIEcMoVzhOprRNqPVGWKwcn%2ByfmCVdph%2FhQkOezTZDX3TzEsaARDFSmdGzcGn8nbL6ogTLVOZ5VKOB8Y9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
cf-ray
7f317c336e47997b-FRA

Redirect headers

date
Mon, 07 Aug 2023 18:11:58 GMT
via
1.1 google
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
1241
vary
Origin, Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kix2%2FagB3WxbXxNh9qYPDDehJj9Rn0gJtW19sFRWoMtJmvEcyNVmJJFahq7JK4f6hVJQD1hHVTUba%2BRRJWxEgXhIdXHhxcNIjnZAIzQBcSUoBzw0YXSvFjkc0BgHM5PcyGHAD30PfFtN9Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=utf-8
location
/tag?o=5409916045492224&upapi=true
cache-control
public, max-age=3600, must-revalidate
cf-ray
7f317c328d5d997b-FRA
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ Frame A0A9 		54 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
content-encoding
gzip
last-modified
Mon, 23 Jan 2023 19:40:17 GMT
server
Apache
etag
"d734-5f2f3919e751f-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17407
expires
Mon, 07 Aug 2023 18:26:58 GMT
sync.min.js
tags.crwdcntrl.net/lt/c/16576/ Frame A0A9 		38 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.66.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-66-97.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 11:15:12 GMT
content-encoding
gzip
via
1.1 4f114016fe4d6c05531b0486ec2868be.cloudfront.net (CloudFront)
last-modified
Wed, 31 May 2023 20:34:15 GMT
server
AmazonS3
x-amz-cf-pop
FRA56-C1
age
25007
x-amz-server-side-encryption
AES256
etag
W/"560498a44e7d42477433425cdafd6a16"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
cache-control
public, max-age=86400
x-amz-cf-id
hKxnKGfXZg4-FWL6XWPTHK3uitQLeADmQ05Lxj2cIvy__2X1rzc6mg==
hadron.js
cdn.hadronid.net/ Frame A0A9 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=about%3Ablank&ref=&_it=amazon&partner_id=539
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Mon, 22 May 2023 16:51:11 GMT
server
cloudflare
x-amz-request-id
CYR6ZEGAGSH9EK3S
age
6763
etag
W/"82b3b53182a6a8dbe6684806275e839a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
7f317c31ff42918e-FRA
x-amz-id-2
YYdcwitRr3DHNt7NQm1+Sg902LJSB4f7qhP3lwSODEZFT62tqhOtbf8uahKDj8SpjLadVWf2scE=
id5-api.js
cdn.id5-sync.com/api/1.0/ Frame A0A9 		111 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:266a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
Security Headers
Name Value
Strict-Transport-Security max-age=15552000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=15552000; includeSubDomains; preload
content-encoding
gzip
cf-cache-status
HIT
last-modified
Wed, 02 Aug 2023 11:32:19 GMT
server
cloudflare
x-amz-request-id
QGNMJRCNX2F6Z540
age
2659
etag
W/"850654f90e2ec1863b605c4395898e58"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
cache-control
public, max-age=3600
cf-ray
7f317c31f840364a-FRA
x-amz-id-2
j5ld6KzwPFVU6Rd930exz0a+X/1LLWbV02RrXUIIY/rFcwprRyXb/YEotYzHtILzQ99P5qOF8T4=
launcher-stub.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame A0A9 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"38c0-5e92054540ea5-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
5252
expires
Mon, 07 Aug 2023 18:26:58 GMT
embeds
syndication.twitter.com/i/jot/ Frame B1F7 		43 B
150 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1691431918528%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22results%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%221af83828325ba%3A1691007384923%22%2C%22item_ids%22%3A%5B%221587254966309240841%22%5D%2C%22item_details%22%3A%7B%221587254966309240841%22%3A%7B%22item_type%22%3A0%7D%7D%7D&dnt=1
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time
104
date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 07 Aug 2023 18:11:58 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
f144c7528bc3ec75
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
226d8c6b7717ffbe05c895b649b299ae8b375f3c597c203f1a5836eed0233001
content-length
43
events
bidder.criteo.com/csm/ 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
data
bcp.crwdcntrl.net/6/ Frame F47C 		60 B
337 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/data
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/15238/lt.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.97.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-97-117.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
00df7890e16d45dab1d62c423553a27d2b3fc37d4ab3b7a98ff2a7bff7d6f539

Request headers

Referer
https://ads.us.e-planning.net/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://ads.us.e-planning.net
cache-control
no-cache
x-server
10.45.10.78
access-control-allow-credentials
true
content-length
60
expires
0
video1.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		328 KB
329 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video1.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
773b6b520d53f2c575e87d9bc2be2d3ec999ec9839191f12dc0b6b64d37cef4f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
cdn-edgestorageid
1049
cdn-storageserver
DE-576
cdn-cachedat
07/11/2023 22:32:41
cdn-pullzone
829957
content-length
335580
last-modified
Tue, 11 Jul 2023 21:54:31 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
638
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
108cde0d6c4837ced895fc1582bc374d
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
TfwVAbyX_normal.jpg
pbs.twimg.com/profile_images/1380530524779859970/ Frame B1F7 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pbs.twimg.com/profile_images/1380530524779859970/TfwVAbyX_normal.jpg
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:134:fa2:1627:1fe:edb:1665 , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (via/F338) /
Resource Hash
8b6226066298487bc1f2377a5a5b3c0ae0de8cd8482ae7b2a07b1d194bcbba00
Security Headers
Name Value
Strict-Transport-Security max-age=631138519
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=631138519
x-content-type-options
nosniff
age
271426
x-cache
HIT
server-timing
x-cache;desc= HIT,x-tw-cdn;desc=VZ
content-length
2111
x-response-time
114
surrogate-key
profile_images profile_images/bucket/6 profile_images/1380530524779859970
last-modified
Fri, 09 Apr 2021 14:36:20 GMT
server
ECS (via/F338)
x-tw-cdn
VZ, VZ, VZ
content-type
image/jpeg
access-control-allow-origin
*
x-transaction-id
a720f26ed37a441e
access-control-expose-headers
Content-Length
cache-control
max-age=604800, must-revalidate
perf
7626143928
x-connection-hash
b04b31aeb2b4164e848bfb778020054f09f9551ff753ef2281d79dfb80a69077
accept-ranges
bytes
timing-allow-origin
https://twitter.com, https://mobile.twitter.com
ROS
pbjs.e-planning.net/pbjs/1/68fcc/1/www.casho.la/ Frame C3B2 		63 B
382 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/68fcc/1/www.casho.la/ROS?rnd=0.6136860250094547&e=300x250_0%3A300x250&ur=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pbv=7.37.3&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F&gdpr=0&ccpa=1---&e_id5id=%257B%2522uid%2522%253A%25220%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%257D%257D&e_pubcid=a19d0c94-64e4-4514-97bc-08abfc0761a6
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
3477fa3f9c82987e8ed7b37da7352b41ed88f4a7a01b4754f8cc4a31e455cf34

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

expires
Mon, 07 Aug 2023 18:11:58 GMT
date
Mon, 07 Aug 2023 18:11:58 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
63
x-sid
AMS-929
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C3B2 		528 B
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=371986&zone_id=2032224&size_id=15&gdpr=0&us_privacy=1---&rp_schain=1.0,1!selectmedia.asia,5db5af8628a061787a11d5aa,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=a19d0c94-64e4-4514-97bc-08abfc0761a6%5E1&rf=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.domain=casho.la&tg_i.pbadslot=%2F21939239661%2C22655109307%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback&tk_flint=pbjs_lite_v7.37.3&x_source.tid=adda6372-c273-4621-8ffd-487a194d092d&l_pb_bid_id=4fe4b9e9e9d4a2&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21939239661%2C22655109307%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback&slots=1&rand=0.1322938547387429
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
3195d8e7194c7c0cf90c2377a6f6825244b5fc26c8c342f5cfa2a3a876468643

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
528
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ Frame C3B2 		528 B
585 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=20598&site_id=375140&zone_id=2055626&size_id=15&gdpr=0&us_privacy=1---&rp_schain=1.0,1!selectmedia.asia,5db5af8628a061787a11d5aa,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=a19d0c94-64e4-4514-97bc-08abfc0761a6%5E1&rf=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.domain=casho.la&tg_i.pbadslot=%2F21939239661%2C22655109307%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback&tk_flint=pbjs_lite_v7.37.3&x_source.tid=adda6372-c273-4621-8ffd-487a194d092d&l_pb_bid_id=56c904d3aa64ac&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F21939239661%2C22655109307%2Ftsm%2Fhb_display%2Fvidsplay_gen%23gpt-passback&slots=1&rand=0.24451480063115483
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
a7239d83dfc0d679576741433b88e4b716c19dc2ce5f829dd75f21d3d1da5356

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
528
expires
Wed, 17 Sep 1975 21:32:10 GMT
bids
prebid-us.creativecdn.com/bidder/prebid/ Frame C3B2 		0
174 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:11:58 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
prebid
ib.adnxs.com/ut/v3/ Frame C3B2 		138 B
812 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.210.90 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4279683b1b25769be172b58123bc6468b2e7ec34deadc0730a3f5d2a249f9394
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
an-x-request-uuid
2162fa1a-9f51-402f-93cb-93c7347f7316
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 941.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
138
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ Frame C3B2 		15 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.casho.la
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bulk
trc.taboola.com/themonetizer-cashola/log/3/ Frame 494C 		0
354 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-cashola/log/3/bulk?route=AM%3AAM%3AV&lti=split-bugfix-v2_ctrl&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 07 Aug 2023 18:11:58 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7230
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230058-FRA
pragma
no-cache
server
nginx
x-timer
S1691431919.799322,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.casho.la
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
bulk
trc.taboola.com/themonetizer-cashola/log/3/ Frame 5E3B 		0
66 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-cashola/log/3/bulk?route=AM%3AAM%3AV&lti=deflated&bulkSize=1
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
8
date
Mon, 07 Aug 2023 18:11:58 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7387
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230058-FRA
pragma
no-cache
server
nginx
x-timer
S1691431919.808167,VS0,VE8
content-type
image/gif
access-control-allow-origin
https://www.casho.la
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
launcher.min.js
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ Frame A0A9 		49 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
content-encoding
gzip
last-modified
Tue, 20 Sep 2022 18:52:26 GMT
server
Apache
etag
"c4b6-5e920545406d3-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17042
expires
Mon, 07 Aug 2023 18:26:58 GMT
c.gif
c.clarity.ms/
Redirect Chain
  • https://c.clarity.ms/c.gif
  • https://c.bing.com/c.gif?ctsa=mr&CtsSyncId=DAFF0136E70D4C4E88A01015843CA421&RedC=c.clarity.ms&MXFR=296C28B66DF364AE0D093BD069F36A57
  • https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DAFF0136E70D4C4E88A01015843CA421&MUID=25D8FA5AAF8860B516AEE93CAE2461D8
42 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DAFF0136E70D4C4E88A01015843CA421&MUID=25D8FA5AAF8860B516AEE93CAE2461D8
Protocol
H2
Server
68.219.88.97 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
Microsoft-IIS/10.0 / ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:59 GMT
last-modified
Tue, 06 Jun 2023 17:31:23 GMT
server
Microsoft-IIS/10.0
etag
"dca6ffb69c98d91:0"
x-powered-by
ASP.NET
content-type
image/gif
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:59 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 2EDB9FFE3698439B872B0D1CDAD850D6 Ref B: FRA31EDGE0115 Ref C: 2023-08-07T18:11:59Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location
https://c.clarity.ms/c.gif?ctsa=mr&CtsSyncId=DAFF0136E70D4C4E88A01015843CA421&MUID=25D8FA5AAF8860B516AEE93CAE2461D8
cache-control
private, no-cache, proxy-revalidate, no-store
content-length
0
syncframe
gum.criteo.com/ Frame 6420 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.casho.la
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Mon, 07 Aug 2023 18:11:58 GMT
server
Kestrel
server-processing-duration-in-ticks
283211
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
ads
pagead2.googlesyndication.com/gampad/ Frame 3C37 		124 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2C22737937330%2Fapl%2Fviaaplads8204%2Fvast_150&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1090341401072665&&_timestamp=1691431917964&vpa=auto&vpmute=1&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=3650857061&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=11759&dt=1691431918839&scor=2154277631316923&ged=ve4_td12_tt8_pd12_la12000_er0.0.153.300_vi0.0.1200.1600_vp100_ts2_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:58 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
map
bcp.crwdcntrl.net/6/ Frame A0A9 		60 B
332 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bcp.crwdcntrl.net/6/map
Requested by
Host: tags.crwdcntrl.net
URL: https://tags.crwdcntrl.net/lt/c/16576/sync.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
108.128.97.117 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-108-128-97-117.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
e7ba503d53f9fb2d367e4414ec4da7667f2ad0013012bb60b79b5de2bad86c87

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.casho.la
cache-control
no-cache
x-server
10.45.18.164
access-control-allow-credentials
true
content-length
60
expires
0
state
api.btloader.com/mw/ Frame A0A9 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: btloader.com
URL: https://btloader.com/tag?aax_id=AAX14O5G1&upapi=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Aug 2023 18:11:59 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ Frame A0A9 		43 B
931 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2141291
x-guploader-uploadid
ADPycdv-FMCoA4KLF_5In1-OoPsYu53zkDZvbuOri95hq2PMfFmQ8af2Y_SqrnR1-Svoiud9uVO4nDe2yKOKgzVc1Ox0XrqdWAkd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WzFQ59VoxT3xa28rOkMeQfYEtGIX9ZRqrZ2HhZ6arbYC4B4pJgrnKvlBwz5pa4jP4avT%2FRvAJTSrF0v3d84efI3knp8TpFRVR2J7WTHhtt0bMkPORWrkjzOpamhawPqpYxxZJHkd9PodV9XkyQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f317c35e982bb56-FRA
expires
Thu, 13 Jul 2023 23:59:53 GMT
favicon.ico
ad.doubleclick.net/ Frame A0A9 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.166 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s01-in-f6.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 05:55:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
44184
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Tue, 08 Aug 2023 05:55:35 GMT
px.gif
ad-delivery.net/ Frame A0A9 		43 B
341 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.5050309208034529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:346 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
2141291
x-guploader-uploadid
ADPycdv-FMCoA4KLF_5In1-OoPsYu53zkDZvbuOri95hq2PMfFmQ8af2Y_SqrnR1-Svoiud9uVO4nDe2yKOKgzVc1Ox0XrqdWAkd
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NhjKlzCP2SOuGKDod2GCljfAuU6ImSSKOY%2FqfAOixf4u4iqCBO3lOcWwxdz5Z%2BXyOs6nvAfDR%2Fso%2Bv8ndcvDOA1OFlQ61fTSwMBVVLxniFa%2FnJ9a43WpAbD7xhtoec4Q1cg%2FZor3EiRApPGapg%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
7f317c35f985bb56-FRA
expires
Thu, 13 Jul 2023 23:59:53 GMT
csi
csi.gstatic.com/ Frame 3C37 		0
0
visible
trc.taboola.com/themonetizer-cashola/log/3/ Frame 5E3B 		0
86 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://trc.taboola.com/themonetizer-cashola/log/3/visible?route=AM%3AAM%3AV&lti=deflated
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

x-vcl-time-ms
9
date
Mon, 07 Aug 2023 18:11:59 GMT
via
1.1 varnish
x-fastly-to-nlb-rtt
7625
x-cache
MISS
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
x-service-version
v1
x-served-by
cache-fra-eddf8230058-FRA
pragma
no-cache
server
nginx
x-timer
S1691431919.999354,VS0,VE9
content-type
image/gif
access-control-allow-origin
https://www.casho.la
cache-control
no-cache
access-control-allow-credentials
true
accept-ranges
bytes
x-cache-hits
0
1634065213_mercedes-wind2.ts
cdn.globalsun.io// 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.globalsun.io//1634065213_mercedes-wind2.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
e2ae39a143aba9668d3bdddbdcbf8b0bebb6a4e8c94ec2bc827e926bc6bc0c8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:59 GMT
x-cache
HIT
x-77-cache
HIT
x-age
880508
x-accel-date
1690551411
content-length
1087768
x-77-nzt
AcO1qhH38MX/fG8NAA
x-accel-expires
@1691588211
last-modified
Tue, 12 Oct 2021 19:00:13 GMT
server
CDN77-Turbo
etag
"109918-5ce2c748f8940"
x-77-nzt-ray
4c156224145989daef33d164b45a7c00
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.casho.la
accept-ranges
bytes
sid
mug.criteo.com/ Frame 6420
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=publishertag&domain=casho.la&sn=ChromeSyncframe&so=0&topUrl=www.casho.la&cw=1&lsw=1&topicsavail=0&fledgeavail=0
  • https://mug.criteo.com/sid?cpp=-tKnPnxEUHJYa2NYdEx5aXdZRGVlbjUxTmx0UWJxbHN2ZndjNmQrRWNSQ1lBRitYaUwvZkJRYmxNdlRxNVpkUGlyTjNucWY4VTN4YWJ1bFdkVnZ0SjYwYXZ6ZGlMdzZjUFozd0J4a2gvMmlIUFhJL2xoQUF5UEx6RVZFRU...
438 B
652 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=-tKnPnxEUHJYa2NYdEx5aXdZRGVlbjUxTmx0UWJxbHN2ZndjNmQrRWNSQ1lBRitYaUwvZkJRYmxNdlRxNVpkUGlyTjNucWY4VTN4YWJ1bFdkVnZ0SjYwYXZ6ZGlMdzZjUFozd0J4a2gvMmlIUFhJL2xoQUF5UEx6RVZFRUlWWVhaeHdrQUNyeWdkaE9HYytaYlBSSGFIdzhuY0hta0tUMWgwdy9raVlKVWIwWGZEdkZYNnVkbm9TZzlvOWhHMkYxOW9VMG5jZ013b2tLMSs4dnZTNEhINkxHdlpHY1ZKWVZYbVZwbmtxbEVvOWlXZGQwb1doajNVZFQ4VWtwZVA5MHdPU3BncWUxK2dlNW52c1F3cDFaK1hRRk9rUT09fA&cppv=2
Protocol
H2
Server
178.250.7.13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
a98b13a75d64a26595c4a686560938ea52f6a23df477af170fd307572af82aaf
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://gum.criteo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:59 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://gum.criteo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
1221822
expires
0

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
location
https://mug.criteo.com/sid?cpp=-tKnPnxEUHJYa2NYdEx5aXdZRGVlbjUxTmx0UWJxbHN2ZndjNmQrRWNSQ1lBRitYaUwvZkJRYmxNdlRxNVpkUGlyTjNucWY4VTN4YWJ1bFdkVnZ0SjYwYXZ6ZGlMdzZjUFozd0J4a2gvMmlIUFhJL2xoQUF5UEx6RVZFRUlWWVhaeHdrQUNyeWdkaE9HYytaYlBSSGFIdzhuY0hta0tUMWgwdy9raVlKVWIwWGZEdkZYNnVkbm9TZzlvOWhHMkYxOW9VMG5jZ013b2tLMSs4dnZTNEhINkxHdlpHY1ZKWVZYbVZwbmtxbEVvOWlXZGQwb1doajNVZFQ4VWtwZVA5MHdPU3BncWUxK2dlNW52c1F3cDFaK1hRRk9rUT09fA&cppv=2
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
258435
content-length
0
expires
0
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 5E3B 		254 B
717 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 07 Aug 2023 18:11:59 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
13494
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1691431919.042899,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
75
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6236
f539211219b796ffbb49949997c764f0.png
cdn.taboola.com/libtrc/static/thumbnails/ Frame 494C 		254 B
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.taboola.com/libtrc/static/thumbnails/f539211219b796ffbb49949997c764f0.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
hL.cyLD7Q4TL5ceY.7JQwF9m5IYI8mkC
date
Mon, 07 Aug 2023 18:11:59 GMT
via
1.1 varnish
x-amz-request-id
1V3H9VCVPBG1B2M0
age
13494
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
254
x-amz-id-2
ecEkqIT2UiXx3kNvrYZW8vzeO4j3+ukvjDCTHGC9cb5Y1awQ9zHumBitHqhNLm54Y/VcUMLqVJ0=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Wed, 24 Jun 2015 07:14:11 GMT
server
AmazonS3
x-amz-meta-s3cmd-attrs
uid:0/gname:root/uname:root/gid:0/mode:33188/mtime:1377415166/atime:1435052450/md5:dfa7b52c86e56bd67fa4002f6ed19854/ctime:1422381567
x-timer
S1691431919.057447,VS0,VE0
etag
"dfa7b52c86e56bd67fa4002f6ed19854"
content-type
image/png
abp
38
access-control-allow-origin
*
cache-control
private,max-age=31536000
accept-ranges
bytes
x-cache-hits
6237
launcher
proc.ad.cpe.dotomi.com/cvx/client/direct/ Frame A0A9 		190 B
394 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.1.1&lid=681
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fa8:8806:13::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
server
nginx
vary
Origin
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
max-age=1800
access-control-allow-credentials
true
content-length
190
expires
Mon, 07 Aug 2023 18:41:59 GMT
csi
csi.gstatic.com/ Frame 3C37 		0
0
dsp
hhkld.com/logs/event/ 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105507&tids=30560&v=20&cb=1691431919094
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 21C9 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame BFE9 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
video2.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		310 KB
311 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video2.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
830e57437d284f9eac9503ba5e9251c5292f688975ef451cdedad3bd9bbb3dbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
cdn-edgestorageid
1078
cdn-storageserver
DE-198
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
317344
last-modified
Mon, 09 Jan 2023 09:55:09 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
519
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ca175c7d1a57b44c96015bd86f8900a6
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
coreid.min.js
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ Frame A0A9 		197 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.209.22.22 Vienna, Austria, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-209-22-22.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
content-encoding
gzip
last-modified
Thu, 13 Oct 2022 18:23:24 GMT
server
Apache
etag
"31332-5eaee9adb933b-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
59461
expires
Mon, 07 Aug 2023 18:26:59 GMT
embeds
syndication.twitter.com/i/jot/ Frame B1F7 		43 B
115 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://syndication.twitter.com/i/jot/embeds?l=%7B%22_category_%22%3A%22tfw_client_event%22%2C%22triggered_on%22%3A1691431919168%2C%22event_namespace%22%3A%7B%22client%22%3A%22tfw%22%2C%22page%22%3A%22tweet%22%2C%22action%22%3A%22FCP%22%2C%22component%22%3A%22performance%22%2C%22section%22%3A%22main%22%7D%2C%22context%22%3A%22horizon%22%2C%22client_version%22%3A%22aaf4084522e3a%3A1674595607486%22%2C%22dnt%22%3Atrue%2C%22widget_id%22%3A%22twitter-widget-0%22%2C%22widget_origin%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22widget_frame%22%3A%22false%22%2C%22widget_partner%22%3A%22%22%2C%22widget_site_screen_name%22%3A%22%22%2C%22widget_site_user_id%22%3A%22%22%2C%22widget_creator_screen_name%22%3A%22%22%2C%22widget_creator_user_id%22%3A%22%22%2C%22widget_iframe_version%22%3A%221af83828325ba%3A1691007384923%22%2C%22item_ids%22%3A%5B%221587254966309240841%22%5D%2C%22item_details%22%3A%7B%221587254966309240841%22%3A%7B%22item_type%22%3A0%7D%7D%2C%22duration_ms%22%3A7344.900001525879%7D&dnt=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-response-time
104
date
Mon, 07 Aug 2023 18:11:58 GMT
strict-transport-security
max-age=631138519
last-modified
Mon, 07 Aug 2023 18:11:59 GMT
server
tsa_o
vary
Origin
content-type
image/gif
x-transaction-id
432433f6540081a1
cache-control
must-revalidate, max-age=600
perf
7626143928
x-connection-hash
226d8c6b7717ffbe05c895b649b299ae8b375f3c597c203f1a5836eed0233001
content-length
43
radApi
edge.udmserve.net/ 		20 B
160 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://edge.udmserve.net/radApi
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.120 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
underdogmedia.com
Software
/
Resource Hash
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
*
Date
Mon, 07 Aug 2023 18:11:59 GMT
Content-Length
20
Content-Type
application/json
ats.js
ats.rlcdn.com/ Frame A0A9 		236 KB
78 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ats.rlcdn.com/ats.js
Requested by
Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.224.103.29 , United States, ASN (),
Reverse DNS
server-13-224-103-29.zrh50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
L2Uqg18UIi_4fqt_LD1.VZwHoDyvOGyd
content-encoding
gzip
via
1.1 c202f63846a430afd2d556266be8b50c.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 12:10:10 GMT
last-modified
Thu, 08 Jun 2023 08:56:13 GMT
server
AmazonS3
x-amz-cf-pop
ZRH50-C1
age
21710
x-amz-server-side-encryption
AES256
etag
W/"a23e5e8674928ef24c6825d63b8d2927"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
x-amz-cf-id
bi0UUatz4ecrqyz3JxlePw8ffinwFUChLsA4W1nmqgyl3F_mfWRrmA==
cds-pips.js
cdn.taboola.com/scripts/ Frame 494C 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-7-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:59 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
1646
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1691431919.437938,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
33
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
8493
cds-pips.js
cdn.taboola.com/scripts/ Frame 5E3B 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.taboola.com/scripts/cds-pips.js
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230802-16-RELEASE.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.193.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
z5FoayaLm_Bvew3pbkytkoHczFCvkPwT
content-encoding
gzip
via
1.1 varnish
date
Mon, 07 Aug 2023 18:11:59 GMT
x-amz-request-id
1V3JN4Z08BWJNCK3
age
1646
x-cache
HIT
x-amz-replication-status
COMPLETED
content-length
1340
x-amz-id-2
yvDfBoaedLRfPwP0+zgbFCFLRwR4EiC1X5itZ+rLiciBisyuBdOMxzu1/H2ZTO40ir0cZXkf7JA=
x-served-by
cache-fra-eddf8230058-FRA
last-modified
Wed, 12 Oct 2022 13:57:57 GMT
server
AmazonS3
x-timer
S1691431920.586111,VS0,VE0
etag
"383fa66d2a0a09f4a6e64a9593ad43bb"
vary
Accept-Encoding
content-type
application/javascript
abp
74
access-control-allow-origin
*
cache-control
private, max-age=3600
accept-ranges
bytes
x-cache-hits
8496
video3.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		303 KB
304 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video3.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
73c6789620af1c9f950074e861541aed0d43bdd4e6116fe95d0d406310333695

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-165
cdn-cachedat
08/02/2023 09:44:36
cdn-pullzone
829957
content-length
310764
last-modified
Mon, 09 Jan 2023 09:55:05 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
85
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
128e1dbb68ceceabc7d47de25a06a922
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
pips.taboola.com/ Frame 494C 		64 B
243 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
c9d1030be753873dbf9c353c21a26d0dbaf705ed62c9c7d5c0259c730605ccbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220111-FRA
date
Mon, 07 Aug 2023 18:11:59 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.casho.la
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
1634065213_mercedes-wind3.ts
cdn.globalsun.io// 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.globalsun.io//1634065213_mercedes-wind3.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
d3159c59b77f486ef3195198776e26dbd97d8ddb303881e0207a4f25792f1100

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:11:59 GMT
x-cache
HIT
x-77-cache
HIT
x-age
880324
x-accel-date
1690551595
content-length
1077052
x-77-nzt
AcO1qhEQ2vD/xG4NAA
x-accel-expires
@1691588395
last-modified
Tue, 12 Oct 2021 19:00:14 GMT
server
CDN77-Turbo
etag
"106f3c-5ce2c749ecb80"
x-77-nzt-ray
4c156224145989daef33d16493804b25
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.casho.la
accept-ranges
bytes
/
pips.taboola.com/ Frame 5E3B 		64 B
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pips.taboola.com/
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
c9d1030be753873dbf9c353c21a26d0dbaf705ed62c9c7d5c0259c730605ccbc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-served-by
cache-fra-etou8220111-FRA
date
Mon, 07 Aug 2023 18:11:59 GMT
via
1.1 varnish
server
Varnish
access-control-allow-methods
GET
x-cache
HIT
access-control-allow-origin
https://www.casho.la
cache-control
no-store
accept-ranges
bytes
content-length
64
retry-after
0
x-cache-hits
0
ads
pagead2.googlesyndication.com/gampad/ Frame 21C9 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7047%2C22737937330%2Fapl%2Fviaaplads7047%2Fvast_150&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=4336883065961692&&_timestamp=1691431919109&vpa=auto&vpmute=1&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=770410344&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=12796&dt=1691431919662&scor=2194456703329113&ged=ve4_td13_tt9_pd13_la13000_er0.0.153.300_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 21C9 		0
0
video4.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		239 KB
240 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video4.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
fef271305260f71472cf681f3b9ecfed76cc378f7ad06fa95a6db81dca1ea599

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
cdn-edgestorageid
860
cdn-storageserver
DE-570
cdn-cachedat
07/12/2023 01:57:55
cdn-pullzone
829957
content-length
245152
last-modified
Tue, 11 Jul 2023 21:54:31 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
643
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
3f699e47ca08fea95b598e7061bf597c
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
cds.taboola.com/ Frame 494C 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=121c88e6-f492-499c-a607-55874df4c08f-tuctbcab96b&uad=d5792801335f11b32a948d51b64bb655b16f8767f5837f2be4c406715994752f&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
no-store
server
nginx
/
cds.taboola.com/ Frame 5E3B 		0
82 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://cds.taboola.com/?uid=d008b7c9-3e0c-4302-8d24-1f1f8501e6d5-tuctbcab96c&uad=d5792801335f11b32a948d51b64bb655b16f8767f5837f2be4c406715994752f&mbl=ZmFsc2U=
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/scripts/cds-pips.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.224.32 , United States, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
no-store
server
nginx
csi
csi.gstatic.com/ Frame 21C9 		0
0
dsp
hhkld.com/logs/event/ 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105507&tids=30561&v=20&cb=1691431919760
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame E309 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524512
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 8A7D 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2142
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
video5.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		326 KB
327 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video5.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
07a489999c001495c859dc7db0a16c63e02a3c3a7cd2827d942d53372491fec7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
cdn-edgestorageid
1049
cdn-storageserver
DE-165
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
333512
last-modified
Mon, 09 Jan 2023 09:55:11 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
525
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
79ff4357545521070f923704d94df3f1
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
collect
region1.google-analytics.com/g/ 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.google-analytics.com/g/collect?v=2&tid=G-PEGZJDQ1BR&gtm=45je3820&_p=330834980&cid=1849936587.1691431909&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=2&dr=https%3A%2F%2Fwww.google.com%2F&sid=1691431914&sct=1&seg=0&dl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dt=Cashola
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/destination?id=G-PEGZJDQ1BR&l=dataLayer&cx=c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
multitracking
ghb.hb.selectmedia.asia/adunit/ Frame C3B2 		0
223 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb.hb.selectmedia.asia/adunit/multitracking
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/HX2S5/hbw_master_310028_13810.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.83.69.58 Cricklewood, United Kingdom, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:12:00 GMT
Access-Control-Allow-Credentials
true
Server
Adtelligent
Connection
Keep-Alive
X-Robots-Tag
noindex
video6.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		243 KB
244 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video6.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
77ad0416dd9126399904bfc49b3fe6d296d2bd4e13927ca9ddb0958365bc931e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
cdn-edgestorageid
1048
cdn-storageserver
DE-576
cdn-cachedat
06/29/2023 05:46:22
cdn-pullzone
829957
content-length
248536
last-modified
Mon, 09 Jan 2023 09:55:08 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
529
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
ba56d294343216e1b9dec3eb01c201f2
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
video7.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		371 KB
372 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video7.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
5694d61d5fc291fc115956d1e9bc49cf4039905e68244738297c6c80905206cc

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
cdn-edgestorageid
1077
cdn-storageserver
DE-167
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
379948
last-modified
Mon, 09 Jan 2023 09:55:07 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
85
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
9b0da7fdae9c3279b34cf3f0aaa54350
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
SPug
simage4.pubmatic.com/AdServer/ Frame E9C7 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D558003%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:11:59 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
collect
q.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:12:00 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
ads
pagead2.googlesyndication.com/gampad/ Frame E309 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21939239661%2C22737937330%2Fapl%2Fviaaplads8204%2Fvast_300&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=2454080410923327&&_timestamp=1691431919767&vpa=auto&vpmute=1&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=2351590788&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=13367&dt=1691431920334&scor=3701892248017340&ged=ve4_td13_tt9_pd13_la13000_er0.0.153.300_vi0.0.1200.1600_vp100_ts0_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame E309 		0
0
csi
csi.gstatic.com/ Frame E309 		0
0
dsp
hhkld.com/logs/event/ 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105507&tids=30562&v=20&cb=1691431920430
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 3FC9 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524513
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame A782 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2143
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
PugMaster
image6.pubmatic.com/AdServer/ Frame 0A66 		2 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75908716&p=162412&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e71a3fdc5b1de95f68377e3906681f27acbc21d202191f7b4ccd560558d7e825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 04E8 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=92023180&p=156631&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e51e019667136ffdb01eda1a7d0b2925084d4de0ce48d686ec38432a664261ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:12:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 1204 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=34174636&p=20156578&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
fe1e79ae09c4b22847324dbe1b75bf737f7251ef491f9961d6fdb66f0faaa4f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 07 Aug 2023 18:11:59 GMT
content-length
1330
content-type
text/html; charset=UTF-8
PugMaster
image6.pubmatic.com/AdServer/ Frame 74DA 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=75221434&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e71a3fdc5b1de95f68377e3906681f27acbc21d202191f7b4ccd560558d7e825

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:11:58 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame DA7D 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=79520776&p=156813&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
e51e019667136ffdb01eda1a7d0b2925084d4de0ce48d686ec38432a664261ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:12:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
img.fetch
udmserve.net/udm/ 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://udmserve.net/udm/img.fetch?sid=17661;tid=1;dt=6;cb=867bb09ee35d69b;refresh=2;trigger=ref_aft_def_standard;gdprApplies=true;consentGiven=false;consentData=cmpMissing
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_CBC
Server
68.71.249.118 Toronto, Canada, ASN20093 (ZEROLAG, US),
Reverse DNS
Software
/
Resource Hash
9b33b15476886728d6988a3bb97c08f8c1aff7ee35dfd438a8df85970f822a4d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:12:01 GMT
Content-Encoding
gzip
P3p
NOI DSP CURa ADMa DEVa PSAa PSDa OUR IND UNI COM NAV INT
Content-Type
application/x-javascript
Cache-Control
no-cache, no-store, must-revalidate
Connection
Keep-Alive
Content-Length
1692
Expires
0
PugMaster
image6.pubmatic.com/AdServer/ Frame 310B 		47 B
167 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=72956479&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
198.47.127.19 , United States, ASN3257 (GTT-BACKBONE GTT, US),
Reverse DNS
Software
/
Resource Hash
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
date
Mon, 07 Aug 2023 18:11:59 GMT
content-length
47
content-type
text/html; charset=UTF-8
match
c1.adform.net/serving/cookie/ Frame 879B 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:00 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame 90B4
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
42 B
298 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 1D43
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
42 B
301 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Aug 2023 18:12:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 0E49 		85 B
177 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230055-FRA
x-timer
S1691431921.925224,VS0,VE92
Pug
simage2.pubmatic.com/AdServer/ Frame 100A
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 07 Aug 2023 18:12:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
sync
ads.servenobid.com/ Frame 684B 		0
356 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/sync?pid=316&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
amp-access-control-allow-source-origin
*
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length
0
content-type
text/html;charset=ISO-8859-1
date
Mon, 07 Aug 2023 18:12:00 GMT
mw
mwzeom.zeotap.com/ Frame 0A66 		95 B
204 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c41c91d37ca-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 0A66
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
7
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
spl.zeotap.com/ Frame 0A66
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=dad5d7eacb4c82271591623a21fe8fb4&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
95 B
647 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c459f5d37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=328034c53ba2eadd
content-length
0
B4052459-A3E1-4FA8-B11E-0B82269C7A1C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 0A66 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B4052459-A3E1-4FA8-B11E-0B82269C7A1C?gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 0A66 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&redir=true&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 0A66
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dpubmatic
  • https://x.bidswitch.net/sync?dsp_id=59&user_id=c0778beb-cab4-431b-8c89-03c9253aaa70&ssp=pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=59&user_id=c0778beb-cab4-431b-8c89-03c9253aaa70&ssp=pubmatic
Protocol
H2
Server
18.184.249.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
//x.bidswitch.net/sync?dsp_id=59&user_id=c0778beb-cab4-431b-8c89-03c9253aaa70&ssp=pubmatic
Date
Mon, 07 Aug 2023 18:12:01 GMT
P3p
policyref="http://cdn.avocet.io/w3c/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
Content-Length
121
Content-Type
text/html; charset=utf-8
Pug
simage2.pubmatic.com/AdServer/ Frame 0A66
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 0A66 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 0A66
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79a9aa0-b190-4b06-aaaa-a6f2009ad89d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79a9aa0-b190-4b06-aaaa-a6f2009ad89d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:c79a9aa0-b190-4b06-aaaa-a6f2009ad89d&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
mw
mwzeom.zeotap.com/ Frame 04E8 		95 B
195 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c41d92a37ca-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 04E8
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
spl.zeotap.com/ Frame 04E8
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match?party=1242&redirect=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D68%26icm%26cver%26mapped%3D__ADFUID__%26gdpr%3D0
  • https://pixel.onaudience.com/?partner=68&icm&cver&mapped=4253700080408965155&gdpr=0
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=328034c53ba2eadd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1
  • https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
95 B
546 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c45dfea37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=328034c53ba2eadd
content-length
0
match
c1.adform.net/serving/cookie/ Frame E81D 		35 B
599 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:00 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
B4052459-A3E1-4FA8-B11E-0B82269C7A1C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 04E8 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B4052459-A3E1-4FA8-B11E-0B82269C7A1C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 04E8 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame 04E8
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433829258782300&expires=30&ssp=pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433829258782300&expires=30&ssp=pubmatic
Protocol
H2
Server
18.184.249.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433829258782300&expires=30&ssp=pubmatic
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 4834
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
42 B
220 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 95D2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 04E8
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
1 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 04E8 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 7F37 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230055-FRA
x-timer
S1691431921.949058,VS0,VE98
Pug
simage2.pubmatic.com/AdServer/ Frame 04E8
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b4a62d61-cf1a-4e04-819f-85cece19e5ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b4a62d61-cf1a-4e04-819f-85cece19e5ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:b4a62d61-cf1a-4e04-819f-85cece19e5ae&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 155D
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 07 Aug 2023 18:12:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
Pug
image2.pubmatic.com/AdServer/ Frame 0B09
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFFNnZFN0pvbWdBQUNmbjFleXF2Zw&gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAJN3U7JomgAACjQXusM1g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dpp%252Cpm%26bee...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=2&userid=7640565164426888160&gdpr=0&gdpr_consent=
  • https://bh.contextweb.com/bh/rtset?ev=AAJN3U7JomgAACjQXusM1g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26userid%3D7640565164426888160%26gdpr%3D0%26gdpr_consen...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&userid=7640565164426888160&gdpr=0&gdpr_consent=&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=3&ev=AAJN3U7...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
42 B
199 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
sync
t.adx.opera.com/pub/ Frame 5BEA 		0
0
bridge
cm.adgrx.com/ Frame 7EEB 		43 B
282 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:00 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
Pug
image2.pubmatic.com/AdServer/ Frame B947
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=u9f7xv84yssp
42 B
309 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=u9f7xv84yssp
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 07 Aug 2023 18:12:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=u9f7xv84yssp
lws
224
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
i.match
s.tribalfusion.com/z/ Frame 1D22
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
420 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f317c449e0fbb62-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f317c42dae3bb62-FRA
content-type
text/html
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
675
cookiesync
core.iprom.net/ Frame 4488 		43 B
280 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:12:01 GMT
Vary
Accept-Encoding
X-adserver-worker
leviathan-d2f3c31c6f2f@version_1.566
X-core-time
1ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 5BCA
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
42 B
320 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:12:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame 9D0E 		43 B
203 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame E681
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=328034c53ba2eadd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
pub
matching.truffle.bid/sync/ Frame 5D60 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 35A2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
1 B
72 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 07 Aug 2023 18:12:00 GMT
expires
Sun, 06 Aug 2023 18:12:00 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 6D8A
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2240367196
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2240367196
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 07 Aug 2023 18:12:01 GMT
etag
RX454fa167f27e4ceebc7e385eecb31b3a003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2240367196
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
um
u-ams03.e-planning.net/ Frame 21EF 		42 B
103 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u-ams03.e-planning.net/um?dc=a208d9366469aa64&fi=c1ab0a3ba8e76a50&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-type
image/gif
date
Mon, 07 Aug 2023 18:12:00 GMT
server
openresty
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 04E8 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 04E8
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5730477144318325021
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5730477144318325021
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
an-x-request-uuid
2a4315fe-21d3-4b0b-bda2-2fc8fd7fbb3c
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5730477144318325021
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 1204 		95 B
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c42199137ca-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 1204
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
12
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
generic
match.adsrvr.org/track/cmf/ Frame 1204
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
Protocol
H2
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=xksw9la&ttd_tpi=1&gdpr=0
content-length
0
match
c1.adform.net/serving/cookie/ Frame E92B 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:00 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
B4052459-A3E1-4FA8-B11E-0B82269C7A1C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 1204 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B4052459-A3E1-4FA8-B11E-0B82269C7A1C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 1204 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 1204
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://sonata-notifications.taptapnetworks.com/web/cookie/bidswitch/sync?bidswitch_ssp_id=pubmatic&bsw_custom_parameter=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://x.bidswitch.net/sync?dsp_id=413&ssp=pubmatic&user_id=csonata_e7d263b1-30fa-44da-81ce-9af37745264c&bsw_param=affb49e9-0cc2-4344-98f0-bafc04e15f9c&expires=10&gdpr=0&gdpr_consent=&gdpr_pd=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
166 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 24AD
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame EAE2
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 1204
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
B4052459-A3E1-4FA8-B11E-0B82269C7A1C
sync.missena.io/pubmatic/ Frame 10BA 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.missena.io/pubmatic/B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.198.80.207 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-198-80-207.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Credentials
true
Access-Control-Allow-Origin
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Date
Mon, 07 Aug 2023 18:12:01 GMT
Expires
Wed, 11 Nov 1998 11:11:11 GMT
Last-Modified
Mon, 07 Aug 2023 18:12:01 GMT
Pragma
no-cache
Vary
Origin
mw
mwzeom.zeotap.com/ Frame 74DA 		95 B
154 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c4259df37ca-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame 74DA
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
spl.zeotap.com/ Frame 74DA
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=dad5d7eacb4c82271591623a21fe8fb4&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
95 B
530 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c459f5a37ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=328034c53ba2eadd
content-length
0
match
c1.adform.net/serving/cookie/ Frame B5EA 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
B4052459-A3E1-4FA8-B11E-0B82269C7A1C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 74DA 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B4052459-A3E1-4FA8-B11E-0B82269C7A1C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame 74DA 		0
38 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 74DA
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://ws.rqtrk.eu/pull?pid=6298098f-c92c-4c68-bdfc-f454f26a86ac&redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26gdpr%3D%24GDPR%26gdpr_consent%3D%24GDPR_CO...
  • https://x.bidswitch.net/sync?dsp_id=193&user_id=&gdpr=0&gdpr_consent=&expires=1&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
1 B
244 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=affb49e9-0cc2-4344-98f0-bafc04e15f9c&gdpr=0&gdpr_consent=&gdpr_pd=
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame B6E2
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 8163
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame 74DA
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
1 B
255 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 74DA 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame D12A 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230055-FRA
x-timer
S1691431921.030362,VS0,VE93
Pug
simage2.pubmatic.com/AdServer/ Frame 74DA
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bb1d93db-425b-43fa-9936-fd1cfcd52e63&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bb1d93db-425b-43fa-9936-fd1cfcd52e63&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:bb1d93db-425b-43fa-9936-fd1cfcd52e63&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 7E15
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 07 Aug 2023 18:12:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
usersync
usersync.gumgum.com/ Frame 7541 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:12:01 GMT
Expires
0
Pragma
no-cache
mw
mwzeom.zeotap.com/ Frame DA7D 		95 B
217 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c427a1b37ca-FRA
access-control-allow-headers
*
content-length
95
info2
uipglob.semasio.net/pubmatic/1/ Frame DA7D
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
77.243.51.121 , Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
4
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
content-type
image/gif
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
frontend-id
5
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&sInitiator=external&gdpr=0&gdpr_consent=
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-origin
*
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
/
spl.zeotap.com/ Frame DA7D
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&gdpr=0&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D0&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=dad5d7eacb4c82271591623a21fe8fb4&gdpr=0
  • https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
95 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://spl.zeotap.com/?zdid=1332&zcluid=328034c53ba2eadd
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
via
1.1 google
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
server
cloudflare
strict-transport-security
max-age=2592000; includeSubDomains; preload
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
7f317c459f5937ca-FRA
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://spl.zeotap.com?zdid=1332&zcluid=328034c53ba2eadd
content-length
0
match
c1.adform.net/serving/cookie/ Frame E78B 		35 B
590 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
B4052459-A3E1-4FA8-B11E-0B82269C7A1C
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame DA7D 		43 B
600 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B4052459-A3E1-4FA8-B11E-0B82269C7A1C?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Content-Security-Policy sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
referrer-policy
strict-origin-when-cross-origin
server
ATS
content-security-policy
sandbox; default-src 'self'; script-src 'none'; object-src 'none'; report-uri http://csp.yahoo.com/beacon/csp?src=generic
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
image/gif
content-length
43
sync
ups.analytics.yahoo.com/ups/58292/ Frame DA7D 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&redir=true&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.71.149.231 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-71-149-231.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.10.64 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.64
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
x.bidswitch.net/ Frame DA7D
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433829258782300&expires=30&ssp=pubmatic
43 B
145 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433829258782300&expires=30&ssp=pubmatic
Protocol
H2
Server
18.184.249.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-184-249-152.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
43
content-type
image/gif

Redirect headers

Location
https://x.bidswitch.net/sync?dsp_id=119&user_id=5107433829258782300&expires=30&ssp=pubmatic
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
Jetty(9.4.51.v20230217)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 756C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA%3D&piggybackCookie=7264644754048153739&gdpr=0&gdpr_consent=
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame 59BB
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
42 B
303 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:11:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
188
Content-Type
text/html; charset=utf-8
Date
Mon, 07 Aug 2023 18:12:01 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=IydNx7KlURJTPKmJnjFL6lD_B2g&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame DA7D
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
1 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
1
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=7266735936752934681&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame DA7D 		0
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:20::2010 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame 6EEF 		85 B
145 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=${TM_USER_ID}&gdpr=1&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.66.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Jetty(9.4.35.v20201120) /
Resource Hash
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
*
cache-control
no-cache
content-length
85
content-type
image/png
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW PSAo PSDo IVAo IVDo OUR BUS UNI DEM"
pragma
no-cache
server
Jetty(9.4.35.v20201120)
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra-eddf8230055-FRA
x-timer
S1691431921.095522,VS0,VE93
Pug
simage2.pubmatic.com/AdServer/ Frame DA7D
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1a4016d9-9e3a-4a62-a147-f95655fa907a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1a4016d9-9e3a-4a62-a147-f95655fa907a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?gdpr_consent=&gdpr=0&piggybackCookie=uid:1a4016d9-9e3a-4a62-a147-f95655fa907a&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=2999
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 5B1D
Redirect Chain
  • https://csync.loopme.me/?pubid=11331&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={viewer_token}
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Mon, 07 Aug 2023 18:12:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&piggybackCookie={viewer_token}
server
_
pixelSync
pixel-sync.sitescout.com/dmp/ Frame DA7D 		0
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
98.98.134.242 , United States, ASN21859 (ZEN-ECN, US),
Reverse DNS
Software
A /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
max-age=0,no-cache,no-store
server
A
expires
Tue, 11 Oct 1977 12:34:56 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 0356
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm?gdpr=0&gdpr_consent=&_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFKTjNVN0pvbWdBQUNqUVh1c00xZw&gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_syn...
  • https://match.prod.bidr.io/cookie-sync/adx?gdpr=0&gdpr_consent=&bee_sync_partners=pp%2Csas%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
  • https://bh.contextweb.com/bh/rtset?ev=AAJN3U7JomgAACjQXusM1g&do=add&pid=558502&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26bee_sync_partners%3Dsas%252Cpm%26bee_sync_current_par...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&bee_sync_partners=sas%2Cpm&bee_sync_current_partner=pp&bee_sync_initiator=adx&bee_sync_hop_count=2&ev=AAJN3U7JomgAACjQXusM1g&pid=558502&do=add&gdpr=0
  • https://rtb-csync.smartadserver.com/redir?partneruserid=AAJN3U7JomgAACjQXusM1g&partnerid=127&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fgdpr%3D0%26gdpr%3D0%26bee_sync_partners%3Dpm%2...
  • https://match.prod.bidr.io/cookie-sync?gdpr=0&gdpr=0&bee_sync_partners=pm&bee_sync_current_partner=sas&bee_sync_initiator=adx&bee_sync_hop_count=3&userid=7640565164426888160&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
0
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
gunicorn
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAJN3U7JomgAACjQXusM1g&gdpr=0&gdpr_consent=
strict-transport-security
max-age=2592000; includeSubDomains
Pug
image2.pubmatic.com/AdServer/ Frame F0A1
Redirect Chain
  • https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
  • https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU5380a3a6454e4a5fb1eccdb4fe927548&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
42 B
245 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU5380a3a6454e4a5fb1eccdb4fe927548&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
access-control-allow-methods
POST, GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
content-length
168
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
Mon, 01 Jan 1990 00:00:00 GMT
location
https://image2.pubmatic.com/AdServer/Pug?piggybackCookie=OPU5380a3a6454e4a5fb1eccdb4fe927548&vcode=bz0yJnR5cGU9MSZjb2RlPTM0ODkmdGw9NDMyMDA%3D
pragma
no-cache
server
nginx
bridge
cm.adgrx.com/ Frame 8F0F 		43 B
283 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.196 Amsterdam, Netherlands, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, proxy-revalidate
content-length
43
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
Thu, 23 Sep 2004 17:42:04 GMT
p3p
CP="NOI OTC OTP OUR NOR"
pragma
no-cache
server
Cowboy
x-realserver-nx
ams-delivery-5
Pug
image2.pubmatic.com/AdServer/ Frame 00F5
Redirect Chain
  • https://cm-supply-web.gammaplatform.com/adx/usersyncsupply?pid=7&t=pixel
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pt721hksi1jt
42 B
228 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pt721hksi1jt
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-encoding
utf-8
cache-control
no-cache, no-store
content-length
0
date
Mon, 07 Aug 2023 18:12:01 GMT
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTkmdGw9NDMyMDA=&piggybackCookie=pt721hksi1jt
lws
42
strict-transport-security
max-age=31536000; includeSubDomains
time-ms
0
i.match
s.tribalfusion.com/z/ Frame D27F
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:19ad , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f317c448e08bb62-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
7f317c42dae6bb62-FRA
content-type
text/html
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
57
cookiesync
core.iprom.net/ Frame 6B57 		43 B
277 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:12:01 GMT
Vary
Accept-Encoding
X-adserver-worker
avatar-ede34c3bed0a@version_1.566
X-core-time
0ms
X-server-arch
v2
Pug
simage2.pubmatic.com/AdServer/ Frame 245E
Redirect Chain
  • https://ad.mrtnsvr.com/sync/pubmatic?gdpr=0&gdpr_consent=
  • https://image6.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw%26piggybackCookie%3D%23PM_USER_ID%26gdpr...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
42 B
97 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:12:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NTgmdGw9MTI5NjAw&piggybackCookie=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cm
ipac.ctnsnet.com/int/ Frame F9F8 		43 B
368 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ipac.ctnsnet.com/int/cm?exc=14&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MTEmdGw9MjAxNjA=&piggybackCookie=[user_id]
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.193.173 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
173.193.186.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, must-revalidate
content-length
43
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:00 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="NOI DSP COR NID CUR OUR NOR"
pragma
no-cache
server
Apache-Coyote/1.1
via
1.1 google
Pug
image2.pubmatic.com/AdServer/ Frame E1B0
Redirect Chain
  • https://green.erne.co/pubmatic/cm?gdpr=0&gdpr_consent=
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=0&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25...
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=328034c53ba2eadd/gdpr=0/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
42 B
281 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.191.210 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
42
content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=NrGB8F9IYXSaYWjVYhgXngQQ&gdpr=0&gdpr_consent=
Pug
simage2.pubmatic.com/AdServer/ Frame DA7D
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5730477144318325021
42 B
95 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5730477144318325021
Protocol
H2
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
an-x-request-uuid
f71b502c-88a3-4c38-b3c2-39d3882b4aff
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=5730477144318325021
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pub
matching.truffle.bid/sync/ Frame C94F 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
162.55.120.196 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.196.120.55.162.clients.your-server.de
Software
nginx/1.23.3 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15768000

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Date
Mon, 07 Aug 2023 18:12:01 GMT
Server
nginx/1.23.3
Strict-Transport-Security
max-age=15768000
Pug
simage2.pubmatic.com/AdServer/ Frame 8EF2
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
1 B
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-length
1
content-type
text/html; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
142
content-type
text/html
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
Sun, 06 Aug 2023 18:12:01 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:E174BB98A6C74CFCA5F8F526A7BFEA3A&gdpr=0&gdpr_consent=
server
openresty
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
generic
match.adsrvr.org/track/cmf/ Frame 6AD8
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6405436396
70 B
265 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6405436396
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Mon, 07 Aug 2023 18:12:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Mon, 07 Aug 2023 18:12:01 GMT
etag
RX454fa167f27e4ceebc7e385eecb31b3a003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6405436396
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
csync
sync.adtelligent.com/ Frame F551 		43 B
473 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.adtelligent.com/csync?t=a&ep=281178&extuid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
23.227.139.243 Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Content-Length
43
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:12:01 GMT
Etag
98bc15074146f0fd
Server
Adtelligent
trackv4
track-selectmedia.com/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1459&uuid=d53ea160-8a9f-4167-83f8-4decb58104bb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.casho.la
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trackv4
track-selectmedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1459&uuid=d53ea160-8a9f-4167-83f8-4decb58104bb
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.casho.la
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
date
Mon, 07 Aug 2023 18:12:01 GMT
referrer-policy
no-referrer-when-downgrade
via
1.1 google
usersync
usersync.gumgum.com/ Frame D532 		35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=pbm&i=B4052459-A3E1-4FA8-B11E-0B82269C7A1C
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Mon, 07 Aug 2023 18:12:01 GMT
Expires
0
Pragma
no-cache
ads
pagead2.googlesyndication.com/gampad/ Frame 3FC9 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F7047%2C22737937330%2Fapl%2Fviaaplads7047%2Fvast_300&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=400x300%7C640x480&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=491271150729996&&_timestamp=1691431920445&vpa=auto&vpmute=1&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=975980440&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=14222&dt=1691431921180&scor=1469763961239022&ged=ve4_td14_tt10_pd14_la14000_er0.0.153.300_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 3FC9 		0
0
csi
csi.gstatic.com/ Frame 3FC9 		0
0
dsp
hhkld.com/logs/event/ 		43 B
396 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105507&tids=17428&v=20&cb=1691431921398
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame C56B 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524514
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2B82 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2144
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 37C1 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: bid.underdog.media
URL: https://bid.underdog.media/udm-r3_v2.21.3.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:01 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Aug 2023 18:12:03 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ 		43 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u.openx.net/w/1.0/pd
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
image/gif
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
56
expires
Mon, 26 Jul 1997 05:00:00 GMT
12o46q643rns6rr808p0q9n746535qnr-00002.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/12o46q643rns6rr808p0q9n746535qnr-00002.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
bc352dacc2c29d040ac88155edddc6cea50b4d16f9c700f0f6fb158ff140206e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:03 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
1139656
last-modified
Mon, 07 Aug 2023 16:45:09 GMT
server
AmazonS3
etag
"d16e866ad8abee99c735e6179e6c8790"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
O0iNgOM0dgfVYO2gwBuIOJYs4b5ydkPApOPQ1NcZIkyUlEq-cfH7Rg==
ads
pagead2.googlesyndication.com/gampad/ Frame C56B 		0
23 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21760922134%2C22500435788%2FAdExchangeVideo2%2Fviads.casho.la&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=300x250%7C400x300%7C640x480&gdfp_req=1&output=xml_vmap1&unviewed_position_start=1&env=vp&ad_rule=1&correlator=4213581806798903&&_timestamp=1691431921412&vpa=auto&vpmute=1&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=134021686&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=15015&dt=1691431921935&scor=3112431564170424&ged=ve4_td15_tt11_pd15_la15000_er0.0.153.300_vi0.0.1200.1600_vp100_ts1_eb24171
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 6426 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Fcasho.la_3.1&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1464505489357817&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=397360844&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.casho.la%2Fce0a57bf-bafc-4479-a732-f0928b6b08e5&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=6924&dt=1691431921963&scor=1459931415014647&ged=ve4_td15_tt11_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.casho.la%2F&domain=www.casho.la&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Mon, 07 Aug 2023 18:12:01 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
219399
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
json
gum.criteo.com/sid/ Frame C3B2 		2 B
371 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fwww.casho.la%2F&domain=www.casho.la&cw=1&lsw=1
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::d , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:01 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
197530
expires
0
id
id.crwdcntrl.net/ Frame C3B2 		43 B
315 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.crwdcntrl.net/id
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.58.171 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-49-58-171.eu-west-1.compute.amazonaws.com
Software
Jetty(9.4.38.v20210224) /
Resource Hash
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:02 GMT
server
Jetty(9.4.38.v20210224)
content-type
application/json;charset=utf-8
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin
https://www.casho.la
cache-control
no-cache
x-server
10.45.10.78
access-control-allow-credentials
true
content-length
43
expires
0
rid
match.adsrvr.org/track/ Frame C3B2 		63 B
387 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=v5zyp9g&fmt=json
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
15.197.193.217 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
/
Resource Hash
2cd8109d50ec7e7d6582053710b6c8e50e6f3bb66144c4d6f232e85123752e76

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:02 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Wed, 06 Sep 2023 18:12:02 GMT
usync.html
eus.rubiconproject.com/ Frame EAEC 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:12:02 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
/
onetag-sys.com/usync/ Frame 0978 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1691431918991&gdpr=0&us_privacy=1---
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
async_usersync.html
acdn.adnxs.com/dmp/ Frame 35C2 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: player.hb.selectmedia.asia
URL: https://player.hb.selectmedia.asia/prebidlink/31ee76261d87fed8cb9d4c465c48158c/hbp_master_310028_13810.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:02 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Aug 2023 18:12:04 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
dsp
hhkld.com/logs/event/ 		43 B
395 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105507&tids=17273&v=20&cb=1691431922056
Requested by
Host: hhkld.com
URL: https://hhkld.com/static/next/alfa_master/assets/index-ffe075f6.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:02 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 4113 		718 KB
230 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524515
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame D4BF 		39 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:36:17 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2145
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
13681
x-xss-protection
0
last-modified
Wed, 05 Jul 2023 22:37:09 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:36:17 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 6426 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Fcasho.la_2.1&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1464505489357817&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=397360844&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.casho.la%2Fce0a57bf-bafc-4479-a732-f0928b6b08e5&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=6924&dt=1691431922106&scor=1459931415014647&ged=ve4_td15_tt11_pd15_la15000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:02 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame EAEC 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:02 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25461
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
1634065213_mercedes-wind4.ts
cdn.globalsun.io// 		841 KB
842 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.globalsun.io//1634065213_mercedes-wind4.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
0ec4468370648181b336d860a72523f2297abcb011db94b197e9fe22274f6aac

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:12:02 GMT
x-cache
HIT
x-77-cache
HIT
x-age
880393
x-accel-date
1690551529
content-length
861228
x-77-nzt
AcO1qhEl4OL/CW8NAA
x-accel-expires
@1691588329
last-modified
Tue, 12 Oct 2021 19:00:14 GMT
server
CDN77-Turbo
etag
"d242c-5ce2c749ecb80"
x-77-nzt-ray
4c1562242a4ba445f233d1649864321d
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.casho.la
accept-ranges
bytes
/
ads.viralize.tv/vast/ Frame 4113 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/vast/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&schain=1.0,1!viads.com,105507,1,,,&_timestamp=1691431922066
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
bc33d81fc1788b6bba1c3d52fc464d7974c98330406e441b411ecbe5a3ce05ee

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:02 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
0
script.js
d1oykxszdrgjgl.cloudfront.net/ 		125 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d1oykxszdrgjgl.cloudfront.net/script.js
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2057:fe00:0:1651:6140:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
c000ac520024b59289ff6be3c68683cdab823dce18f284298c8b5e7ae365d491

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
iI88wY.Zk3wK1Nhx9aePsB1IX533scQq
content-encoding
gzip
via
1.1 2ef0748a2a8fca13fd6065b6b046c33c.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 18:11:56 GMT
last-modified
Mon, 07 Aug 2023 14:48:40 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1
age
7
x-amz-server-side-encryption
AES256
etag
W/"cb62831e00e27fdf070fab8c74ae101b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=600,public,must-revalidate
x-amz-cf-id
rbsiLBiXI2GxhLEikbdhRDxHUP_a2PBnCzgBOspfXgVe_2SmjIDflQ==
csi
csi.gstatic.com/ Frame 4113 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16w7xl&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=3.0&vmfc=1&vhc=0&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 4113 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll16w8d3&c=960899130579&slotId=480449565289.5&fb=ima_html5-lima&sdkv=h.3.584.2&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=0&itv=1&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:02 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
loader.js
imasdk.googleapis.com/js/sdkloader/ Frame 0CB3 		54 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/loader.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
60aa5f3887a6898f61521da959fc2cbbc9c83a4c1ca525bb4d02167246d0186b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:57:33 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
869
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
19718
x-xss-protection
0
last-modified
Wed, 02 Aug 2023 14:29:31 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
public, max-age=900
accept-ranges
bytes
expires
Mon, 07 Aug 2023 18:12:33 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame 0A66 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=162412&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=162412&userIdMacro=PM_UID&gdpr=0&gdpr_consent=&us_privacy=1YN-&&predirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D316%26uid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 04E8 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156631&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dc1ab0a3ba8e76a50%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 1204 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=20156578&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&p=20156578&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.missena.io%2Fpubmatic%2FPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
viralize_vpaid.min.56ff929a.js
monetize-static.viralize.tv/ Frame 0CB3 		81 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_vpaid.min.56ff929a.js?e=ops
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/loader.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
5011a9af1db45d6d869d6dc0b9462821710866a344ac187ccc36099fd276c2f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:03 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdt27hUXUtZr19hw9sk4WNISE0nFi2BKimQKf8T3qTYF37degUexSPvUiSZNDifPRseY8tATeNofDpnMjmEGwf9yLg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
23331
last-modified
Mon, 07 Aug 2023 07:43:43 GMT
server
UploadServer
etag
"56ff929a17c01b030e1b2374334a8127"
vary
Accept-Encoding
x-goog-generation
1691394223571836
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=ZL1Jfg==, md5=Vv+SmhfAGwMOGyN0M0qBJw==
cache-control
public, max-age=2592000
x-goog-stored-content-length
82782
accept-ranges
bytes
expires
Wed, 06 Sep 2023 18:12:03 GMT
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 07 Aug 2023 18:12:03 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ 		0
104 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Aug 2023 18:12:03 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
SPug
simage4.pubmatic.com/AdServer/ Frame 74DA 		0
260 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:01 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2270247b00-ff8f-4016-b3ab-8344daf96e09%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
416 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2270247b00-ff8f-4016-b3ab-8344daf96e09%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
NG93SCS8EHR5KDEMT0CT
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
3nAHaTGk0KN-CmUcE9uGe7RDDrPSbOIXvh0UaCauj1y5y3Ne3lJDmA==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2270247b00-ff8f-4016-b3ab-8344daf96e09%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2270247b00-ff8f-4016-b3ab-8344daf96e09%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
0177X3CPKVKM0TBZJ2RS
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
I-_DzI0OyCro4KgYNLSJ9EJnyEUp10rC1EAXsprCSudfVf7N8JhLJA==
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=EsvKZuUwILj7z&cb=0&ws=1600x1200&v=23.725.1446&t=3500&slots=%5B%7B%22sd%22%3A%2263612cc54c3c6847c8a48d1f-1100%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22687808135%2FVM_635ba897fb8ea73a414646e5%22%7D%2C%7B%22sd%22%3A%2263612cbb8934e21c346d92ba-1103%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22687808135%2FVM_635ba897fb8ea73a414646e5%22%7D%5D&schain=1.0%2C1!venatus.com%2C62693fbe0036ac21aee6add7%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A5100%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:03 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
FJ7GKH93SNMRB5M6FX86
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
694-UpMzp1iOOL3vCWx0WjXG17mSZwgSMwl0UfwBymQoatlcQePC8Q==
SPug
simage4.pubmatic.com/AdServer/ Frame DA7D 		0
128 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156813&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156813&userIdMacro=PM_UID&predirect=https%3A%2F%2Fsync.adtelligent.com%2Fcsync%3Ft%3Da%26ep%3D281178%26extuid%3DPM_UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:00 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
SPug
simage4.pubmatic.com/AdServer/ Frame 310B 		0
48 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=&gdprConsent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
track_enc
track.venatusmedia.com/dual/ 		16 B
163 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track.venatusmedia.com/dual/track_enc
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.72.30.63 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-72-30-63.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:03 GMT
access-control-allow-credentials
true
content-length
16
vary
Origin
content-type
application/json
csi
csi.gstatic.com/ Frame 4113 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=3~ll16w8f6&c=960899130579&slotId=480449565289.5&fb=ima_html5-lima&sdkv=h.3.584.2&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=0&itv=1&ua_e=1
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:03 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
q.clarity.ms/ 		0
292 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
application/x-clarity-gzip
Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:12:04 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
/
ads.viralize.tv/track/ Frame 0CB3 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?session_id=01ee354de8a96ec0ec105a2beb1ac0b2%3A0&player_session_id=0&label=ad_opportunity&ver=12&reason=ok&type=event&category=player_session
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:03 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
dt
dt.adsafeprotected.com/ 		43 B
216 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dt.adsafeprotected.com/dt?anId=931034&asId=aa5a4f7f-6067-a2f1-9538-2ab430a49491&tv=%7Bc:kD7vDo,time:16423,type:e,env:%7Bnr_p:15%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:16423,n:0,pp:0,pm:0%7D,slEvents:%5B%7Bsl:o,t:909,wc:0.0.1600.1200,ac:0.0.1.1,am:s,cc:1600.0.0.0,piv:0,obst:0,th:0,reas:r,bkn:%7Bpiv:%5B15535~0%5D,as:%5B15535~1.1%5D%7D%7D%5D,slEventCount:1,em:false,fr:true,e:,tt:jload,dtt:368,fm:tMgXUlV+1*.931034%7C11%7C12%7C13%7C14%7C15,idMap:1*,rmeas:1,rend:0,renddet:na,siq:910,sis:1791%7D&br=c
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f13:800:7781:1be6:f1b0:79a9:85e7 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:04 GMT
server
nginx
x-server-name
dt17.or.303net.net
p3p
CP="COM NAV INT STA NID OUR IND NOI"
content-type
image/gif
cache-control
no-cache
content-length
43
perf
am-trc-events.taboola.com/themonetizer-cashola/log/3/ Frame 494C 		0
245 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://am-trc-events.taboola.com/themonetizer-cashola/log/3/perf?route=AM%3AAM%3AV&lti=split-bugfix-v2_ctrl
Requested by
Host: cdn.taboola.com
URL: https://cdn.taboola.com/libtrc/impl.20230801-7-RELEASE.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

access-control-allow-origin
https://www.casho.la
pragma
no-cache
date
Mon, 07 Aug 2023 18:12:03 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
p3p
policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
ac
www8.smartadserver.com/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www8.smartadserver.com/ac?pgid=1473518&insid=5733718&tmstp=8148932968&out=js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.96 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip96.ip-5-135-209.eu
Software
/
Resource Hash
1385230372819d6d949d54655a95aca4e71a720f779fc8238796dc839c0d22ed

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:05 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
application/javascript; charset=UTF-8
x-smrt-i
5733718
cache-control
no-cache,no-store
pandg-sdk.js
pghub.io/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pghub.io/js/pandg-sdk.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.241.45.217 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
217.45.241.35.bc.googleusercontent.com
Software
UploadServer /
Resource Hash
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:12:22 GMT
content-encoding
gzip
age
3583
x-guploader-uploadid
ADPycdsDainphEEhAAJ1feqp_0BDQhT76f5DDjS_Tq8gP868qbD5n73fcf6BGXBNtv_ImRMXFkAHmgZprhxSCUsYz4CXZQ
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
gzip
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5009
last-modified
Mon, 05 Jun 2023 16:36:50 GMT
server
UploadServer
etag
"47a886353056caf33a998c6041e20896"
vary
Accept-Encoding
x-goog-generation
1685983010517890
x-goog-hash
crc32c=aHj4lg==, md5=R6iGNTBWyvM6mYxgQeIIlg==
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin
cache-control
public,max-age=3600
x-goog-stored-content-length
5009
accept-ranges
bytes
content-type
application/javascript
CookieSync.html
csync-eu.smartadserver.com/2058/ Frame F6B5
Redirect Chain
  • https://csync-global.smartadserver.com/2058/CookieSync.html
  • https://csync-eu.smartadserver.com/2058/CookieSync.html
435 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2058/CookieSync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:06 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires
Mon, 07 Aug 2023 19:12:06 GMT
Last-Modified
Tue, 22 Feb 2022 10:05:45 GMT
Server
AkamaiNetStorage

Redirect headers

Cache-Control
private, max-age=86400
Connection
keep-alive
Content-Length
0
Date
Mon, 07 Aug 2023 18:12:05 GMT
Expires
Tue, 08 Aug 2023 18:12:05 GMT
Location
https://csync-eu.smartadserver.com/2058/CookieSync.html
Server
AkamaiGHost
CookieSync.html
csync-eu.smartadserver.com/2161/ Frame C5B8
Redirect Chain
  • https://csync-global.smartadserver.com/2161/CookieSync.html
  • https://csync-eu.smartadserver.com/2161/CookieSync.html
435 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2161/CookieSync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:06 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires
Mon, 07 Aug 2023 19:12:06 GMT
Last-Modified
Tue, 22 Feb 2022 10:05:45 GMT
Server
AkamaiNetStorage

Redirect headers

Cache-Control
private, max-age=86400
Connection
keep-alive
Content-Length
0
Date
Mon, 07 Aug 2023 18:12:05 GMT
Expires
Tue, 08 Aug 2023 18:12:05 GMT
Location
https://csync-eu.smartadserver.com/2161/CookieSync.html
Server
AkamaiGHost
CookieSync.html
csync-eu.smartadserver.com/3668/ Frame 5DD2
Redirect Chain
  • https://csync-global.smartadserver.com/3668/CookieSync.html
  • https://csync-eu.smartadserver.com/3668/CookieSync.html
435 B
783 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/3668/CookieSync.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:06 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645525985.84779"
Expires
Mon, 07 Aug 2023 19:12:06 GMT
Last-Modified
Tue, 22 Feb 2022 10:05:45 GMT
Server
AkamaiNetStorage

Redirect headers

Cache-Control
private, max-age=86400
Connection
keep-alive
Content-Length
0
Date
Mon, 07 Aug 2023 18:12:05 GMT
Expires
Tue, 08 Aug 2023 18:12:05 GMT
Location
https://csync-eu.smartadserver.com/3668/CookieSync.html
Server
AkamaiGHost
2x2
ad.yieldlab.net/d/6846326/766/ Frame E062 		61 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/d/6846326/766/2x2?ts=1691431922&type=h&gdpr=1&consent=
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Language
de-DE
Content-Length
61
Content-Type
text/html;charset=UTF-8
Date
Mon, 07 Aug 2023 18:12:05 GMT
Expires
Sun, 06 Aug 2023 18:12:05 GMT
Pragma
no-cache
/
ads.viralize.tv/player/ Frame 0CB3 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&_timestamp=1691431922066&sid=01ee354de8a96ec0ec105a2beb1ac0b2&experiment=ops.v&ahd=1&enable_branding=0&schain=1.0,1!viads.com,105507,1,,,&player_session=%7B%22page_id%22%3A%220189d132ef7431653af555e734d905e0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A4566%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&r=https%3A%2F%2Fwww.google.com%2F&pub_platform=&dd=casho.la&sc=1&gdpr=1&cs=&cmp=timeout&us_privacy=1---
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.56ff929a.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
a997695aa91a15690d02e00943813963a8d2e66679e85a8aebd6182b5c5e4ab1

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:05 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame 868F 		25 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:05 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
42464
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame 868F 		101 B
667 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 18:12:06 GMT
age
1058860
detected-user-agent
Chrome/115.0.0
useragent_normaliser
chrome/115.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
105
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jul 2023 22:12:52 GMT
fastly_service_version
222
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/115.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 868F 		345 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Mon, 07 Aug 2023 18:12:05 GMT
viralize_player.min.91ae55f5.js
monetize-static.viralize.tv/ Frame 868F 		400 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_player.min.91ae55f5.js?e=ops
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ea9b76a337c18067d0646a24aa3c1e5d792f08882182bcac39fc0b613a951cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:05 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdso_U5-BQwjz594diuK1KQTerbdciH8VEcEHHNXIHrmq0wYjCtusY6YsiIEZfhUndfynuaRNg2a7oNOqH4AqjXUZg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
115590
last-modified
Mon, 07 Aug 2023 07:43:44 GMT
server
UploadServer
etag
"91ae55f5c3aa02e4720ace777ea4b835"
vary
Accept-Encoding
x-goog-generation
1691394224820970
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=NZMkiw==, md5=ka5V9cOqAuRyCs53fqS4NQ==
cache-control
public, max-age=2592000
x-goog-stored-content-length
409561
accept-ranges
bytes
expires
Wed, 06 Sep 2023 18:12:05 GMT
auto-user-sync
ads.stickyadstv.com/ 		43 B
517 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.stickyadstv.com/auto-user-sync
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
95.101.54.123 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a95-101-54-123.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:12:05 GMT
Server
nginx
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
43
x-sticky-vk
1691431925674094-566
Expires
Mon, 07 Aug 2023 18:12:05 GMT
tag
feed.pghub.io/ Frame 461C 		13 B
270 B 		Document
General
Check archive.org
Download Go to
Full URL
https://feed.pghub.io/tag?gdpr=1&gdpr_consent=&referrer_url=https%3A%2F%2Fwww.google.com%2F&page_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&owner=P%26G&bp_id=showheroes&ch=%7B%22architecture%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22brands%22%3A%5B%5D%2C%22fullVersionList%22%3A%5B%5D%2C%22mobile%22%3Afalse%2C%22model%22%3A%22%22%2C%22platform%22%3A%22%22%2C%22platformVersion%22%3A%22%22%7D&initiator=js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.243.38 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
38.243.102.34.bc.googleusercontent.com
Software
Jetty(11.0.13) /
Resource Hash
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
Security Headers
Name Value
Content-Security-Policy default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-origin
*
access-control-max-age
300
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-store
content-security-policy
default-src 'none';img-src https://*.pghub.io https://match.adsrvr.org
content-type
text/html;charset=utf-8
date
Mon, 07 Aug 2023 18:12:05 GMT
server
Jetty(11.0.13)
strict-transport-security
max-age=31536000
via
1.1 google
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame 3270 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=2058&dcid=14&gdpr=1&gdprc=
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:06 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
usync.html
eus.rubiconproject.com/ Frame 6FEB
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=smartadserver&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:12:05 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Mon, 07 Aug 2023 18:12:05 GMT
location
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 6FEB 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=smartadserver&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25457
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 3270 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=2058&dcid=14&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 3270 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=2058&dcid=14&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=2058&dcid=14&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"0dec18a9648b57994b6d38816a4f0f72:1688378499.453464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 3270 		157 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=2058&dcid=14&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
86ec23821217734d74230a6907152bdaf190cfe1f1c6b3490c6ad76d902727a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=2058&dcid=14&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"e10b5582af97aec7baf13d0edfb2a28d:1688378499.797211"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4237
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame F6B5 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync-eu.smartadserver.com/2058/ Frame F6B5 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2058/CookieSync.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/2058/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:55 GMT
Server
AkamaiNetStorage
ETag
"6b4942ad99a5783d324affd948fbc192:1688378383.495807"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
Expires
Mon, 07 Aug 2023 19:12:06 GMT
TemplatePool.min.js
csync-eu.smartadserver.com/2058/ Frame F6B5 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2058/TemplatePool.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2058/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
081ea4c13b54ffd6e3f4c5f2ee3a1665ac4b6dc3187d13ded3f3b9d3a9803022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/2058/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:56 GMT
Server
AkamaiNetStorage
ETag
"1915a87575f8ffd03aa1060a396870c1:1688378387.901742"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1979
Expires
Mon, 07 Aug 2023 19:12:06 GMT
trackv4
track-selectmedia.com/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1459&uuid=c2c3aaab-ecaf-4f6c-be16-92950f042576
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.casho.la
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trackv4
track-selectmedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1459&uuid=c2c3aaab-ecaf-4f6c-be16-92950f042576
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.casho.la
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
date
Mon, 07 Aug 2023 18:12:06 GMT
referrer-policy
no-referrer-when-downgrade
via
1.1 google
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame C5B8 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync-eu.smartadserver.com/2161/ Frame C5B8 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2161/CookieSync.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/2161/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:55 GMT
Server
AkamaiNetStorage
ETag
"6b4942ad99a5783d324affd948fbc192:1688378383.495807"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
Expires
Mon, 07 Aug 2023 19:12:06 GMT
TemplatePool.min.js
csync-eu.smartadserver.com/2161/ Frame C5B8 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/2161/TemplatePool.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/2161/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
081ea4c13b54ffd6e3f4c5f2ee3a1665ac4b6dc3187d13ded3f3b9d3a9803022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/2161/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:56 GMT
Server
AkamaiNetStorage
ETag
"1915a87575f8ffd03aa1060a396870c1:1688378387.901742"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1979
Expires
Mon, 07 Aug 2023 19:12:06 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 5DD2 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync-eu.smartadserver.com/3668/ Frame 5DD2 		74 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/3668/CookieSync.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/3668/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:55 GMT
Server
AkamaiNetStorage
ETag
"6b4942ad99a5783d324affd948fbc192:1688378383.495807"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
Expires
Mon, 07 Aug 2023 19:12:06 GMT
TemplatePool.min.js
csync-eu.smartadserver.com/3668/ Frame 5DD2 		11 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync-eu.smartadserver.com/3668/TemplatePool.min.js
Requested by
Host: csync-eu.smartadserver.com
URL: https://csync-eu.smartadserver.com/3668/CookieSync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d3d Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
081ea4c13b54ffd6e3f4c5f2ee3a1665ac4b6dc3187d13ded3f3b9d3a9803022

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync-eu.smartadserver.com/3668/CookieSync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:56 GMT
Server
AkamaiNetStorage
ETag
"1915a87575f8ffd03aa1060a396870c1:1688378387.901742"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
1979
Expires
Mon, 07 Aug 2023 19:12:06 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame 868F 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 17:12:09 GMT
content-encoding
gzip
via
1.1 82e9051d8d41080bd3028731e0e8677e.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:28 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
3598
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
VqcB9BawINyHqpXiRXm1r53Wvlgge2K035UbTR7a7qrNPTo8i9OG5w==
prebid.min.8767321a.js
monetize-static.viralize.tv/ Frame 868F 		461 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/prebid.min.8767321a.js?e=ops
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
2ac194d6713ab93b6db5a93acd42bdd04893c76ebe404eced269e696fd25d20a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsm77dKEiebMzpG0voAWQBVjxLHObngxEYjiM1e9U7489IiYltO5mYtaS0st8StnDMmp1ZXX9u32fMyxbBppH-4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
149442
last-modified
Mon, 17 Jul 2023 08:34:42 GMT
server
UploadServer
etag
"8767321aa946fab11b7849c3c8cab276"
vary
Accept-Encoding
x-goog-generation
1689582882143487
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=xXO4Yg==, md5=h2cyGqlG+rEbeEnDyMqydg==
cache-control
public, max-age=2592000
x-goog-stored-content-length
471945
accept-ranges
bytes
expires
Wed, 06 Sep 2023 18:12:06 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzQ3MjISXlnO0Pe6nA%3D%3D.1.1h78j5ug0-ett80fnf09-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp1sc1
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
collect
q.clarity.ms/ 		0
292 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://q.clarity.ms/collect
Requested by
Host: www.clarity.ms
URL: https://www.clarity.ms/s/0.7.8/clarity.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
20.231.53.73 Tappahannock, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:12:06 GMT
Access-Control-Allow-Credentials
true
Server
nginx/1.18.0 (Ubuntu)
Connection
keep-alive
Vary
Origin
Request-Context
appId=cid-v1:3d284f99-f285-495c-ac33-dedd7ecf1ac8
config
c.amazon-adsystem.com/cdn/prod/ Frame 868F 		0
301 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5044&u=https%3A%2F%2Fwww.casho.la
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:05 GMT
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
x-cache
Miss from cloudfront
access-control-allow-origin
https://www.casho.la
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
KrEVrRIul_7nNCTr3vn5C5T9yvI1utiafVy3BbvCjMbq8fwMFMS13g==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%225044%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3...
aax.amazon-adsystem.com/x/px/p/PH/ Frame 868F 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%225044%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidError%22%2C%22feat%22%3A%22started%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
PRVH15QGF24SCEP8SQMZ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
XRrpJyub7s-emRTz6baMDZwjrP2ero9MAQAuW3_kDnJ_x2UkDracvg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame 868F 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 06:23:09 GMT
x-amz-cf-pop
FRA56-P3
age
42538
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
edlYWb7a2IH2RK0FuG9U2eEgZvhrvcojz_yAY2uHNQJLUjDpNVG0AQ==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%225044%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%2...
aax.amazon-adsystem.com/x/px/p/PH/ Frame 868F 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%225044%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22ad%252Fsignals%252Fdefine%22%2C%22feat%22%3A%22completed%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
5G0DBPTS6KMPCXMF4QPC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
JXtLaUWdI_ZzSJgSHLi-y8Pm8VA_19NEFUY9Ime-5rcz7s4UR2u1Yg==
bid
aax.amazon-adsystem.com/e/dtb/ Frame 868F 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5044&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=IuVYHKcxWvbvF&cb=0&ws=0x0&v=23.725.1446&t=2000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!viads.com%2C105507%2C1%2C%2C%2C!viralize.com%2C4704%2C1%2C%2C%2C&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
ZCQ5PVNNXEEN5KR0C2EF
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
qXwrzis3KNPFquLbDW61GYJtN0KRo1HfcqXSYegyVGd7XWo3SpO0_g==
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 6FEB 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=smartadserver&khaos=LL16VXOA-J-28RP
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
X-RPHost
704c1e4d3fcc922a3031d436b584678b
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
prg.smartadserver.com/prebid/ Frame 868F 		296 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
19d462753622cb54a31c01de3fe6962c477f3818f8fc5b748501380f03216c68

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
shb.richaudience.com/hb/ Frame 868F 		4 B
234 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 868F 		30 B
330 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ed72a16e61e8de3309554066964dbf6afac406460df04ad7c928bafde612c500

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
56
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 868F 		173 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a8f572a254c37aca276c495b1fffd8f90a21b6fbc8bcde0ae3e2e7e72716e969

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
openrtb
adx.adform.net/adx/ Frame 868F 		0
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:06 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
13521553
ad.yieldlab.net/yp/ Frame 868F 		2 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/yp/13521553?ts=1691431926663&json=true&pvid=true&schain=1.0,1!viads.com,105507,1,,,,!showheroes.com,4704,1,,,,&pubref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=true&consent=undefined
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:12:06 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.casho.la
Content-Language
de-DE
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length
22
Expires
Sun, 06 Aug 2023 18:12:06 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame 868F 		173 B
465 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
a8f572a254c37aca276c495b1fffd8f90a21b6fbc8bcde0ae3e2e7e72716e969

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
Expires
0
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzUyNDFeWEDAiyNGKQ%3D%3D.7.1h78j5ug0-ett80fnf09-YWRuXzUyNDFeWEDAiyNGKQ%3D%3D-wp7sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzYwMTLCQhSTA-JiFg%3D%3D.6.1h78j5ug0-ett80fnf09-YWRuXzYwMTLCQhSTA-JiFg%3D%3D-wp6sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzc3MzDpOFsig0fIyg%3D%3D.4.1h78j5ug0-ett80fnf09-YWRuXzc3MzDpOFsig0fIyg%3D%3D-wp4sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzc3MzcHvtE3TySFuQ%3D%3D.3.1h78j5ug0-ett80fnf09-YWRuXzc3MzcHvtE3TySFuQ%3D%3D-wp3sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzU5MDYkYm9wCJ1k6A%3D%3D.11.1h78j5ug0-ett80fnf09-YWRuXzU5MDYkYm9wCJ1k6A%3D%3D-wp11sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzc0MDWhxEhzsbF3TA%3D%3D.2.1h78j5ug0-ett80fnf09-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp2sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzc3MziQ_U2fcETwLw%3D%3D.9.1h78j5ug0-ett80fnf09-YWRuXzc3MziQ_U2fcETwLw%3D%3D-wp9sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame 868F 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp1sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp1sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
p
sb.scorecardresearch.com/ Frame A57D 		43 B
300 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/p?c1=2&c2=18065638&ns_type=hidden&ns_st_sv=6.3.4.190424&ns_st_smv=5.10&ns_st_it=c&ns_st_id=1691431909444&ns_st_ec=2&ns_st_sp=1&ns_st_sc=1&ns_st_psq=1&ns_st_asq=1&ns_st_sq=1&ns_st_ppc=1&ns_st_apc=1&ns_st_spc=1&ns_st_cn=1&ns_st_ev=hb&ns_st_po=10002&ns_st_cl=207690&ns_st_hc=1&ns_st_mp=js_api&ns_st_mv=6.3.4.190424&ns_st_pn=1&ns_st_tp=1&ns_st_ci=2924987&ns_st_pt=10002&ns_st_dpt=10002&ns_st_ipt=10002&ns_st_ap=10002&ns_st_dap=10002&ns_st_et=10002&ns_st_det=10002&ns_st_upc=10002&ns_st_dupc=10002&ns_st_iupc=10002&ns_st_upa=10002&ns_st_dupa=10002&ns_st_iupa=10002&ns_st_lpc=10002&ns_st_dlpc=10002&ns_st_lpa=10002&ns_st_dlpa=10002&ns_st_pa=10002&ns_st_ldw=0&ns_st_ldo=0&ns_ts=1691431926714&ns_st_bc=0&ns_st_dbc=0&ns_st_bt=0&ns_st_dbt=0&ns_st_bp=0&ns_st_skc=0&ns_st_dskc=0&ns_st_ska=0&ns_st_dska=0&ns_st_skd=0&ns_st_skt=0&ns_st_dskt=0&ns_st_pc=0&ns_st_dpc=0&ns_st_pp=0&ns_st_br=0&ns_st_rt=100&ns_st_ub=0&ns_st_ki=1200000&ns_st_pr=*null&ns_st_sn=*null&ns_st_en=*null&ns_st_ep=*null&ns_st_ct=vc12&ns_st_ge=Sports&ns_st_st=SendtoNews&ns_st_ce=0&ns_st_ia=0&ns_st_ddt=*null&ns_st_tdt=*null&ns_st_pu=Cheddar%20News&c3=sendtonews&c4=Culture&c6=*null&c7=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&c8=&c9=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.7.113 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-7-113.fra56.r.cloudfront.net
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:06 GMT
via
1.1 e75bff6012758ccb55ff41b176b32342.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
content-type
image/gif
content-length
43
x-amz-cf-id
O2hWnIvtfXDFTZ-FHxlAs1Q0-UGbjuoTqfhgD8nttU-XV87d61uHFQ==
ads
pagead2.googlesyndication.com/gampad/ Frame 6426 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Fcasho.la_3.1&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1464505489357817&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=397360844&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.casho.la%2Fce0a57bf-bafc-4479-a732-f0928b6b08e5&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=6924&dt=1691431927008&scor=2867793144196442&ged=ve4_td20_tt16_pd20_la20000_er0.0.0.0_vi0.0.1200.1600_vp0_ts4_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 6426 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Fcasho.la_2.1&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1464505489357817&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=397360844&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.casho.la%2Fce0a57bf-bafc-4479-a732-f0928b6b08e5&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=6924&dt=1691431927080&scor=2867793144196442&ged=ve4_td20_tt16_pd20_la20000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
advast
ad.360yield.com/ Frame 868F 		27 B
240 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/advast?p=22894085&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=1&gdpr_consent=&vast_version=3&vpaid_version=2&video_format_type=outstream
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.114.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:07 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzExMzUzBg16G9zvAFA%3D.5.1h78j5ug0-ett80fnf09-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame 868F 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp2sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp2sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzc3MzcHvtE3TySFuQ%3D%3D-wp3sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzc3MzcHvtE3TySFuQ%3D%3D-wp3sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzc3MzDpOFsig0fIyg%3D%3D-wp4sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzc3MzDpOFsig0fIyg%3D%3D-wp4sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzUyNDFeWEDAiyNGKQ%3D%3D-wp7sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzUyNDFeWEDAiyNGKQ%3D%3D-wp7sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzc3MziQ_U2fcETwLw%3D%3D-wp9sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzc3MziQ_U2fcETwLw%3D%3D-wp9sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame 868F 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzU5MDYkYm9wCJ1k6A%3D%3D-wp11sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzU5MDYkYm9wCJ1k6A%3D%3D-wp11sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptv
secure.adnxs.com/ Frame 868F 		27 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=22864712&vplaybackmethod=2&referrer=casho.la&gdpr=1&gdpr_consent=&cb=1691431925&schain=1.0,1!viads.com,105507,1,,,!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:07 GMT
an-x-request-uuid
09ffcd92-ae8e-4055-b95b-7449c4fc4471
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
27
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzEwNDQy0FHRwlBJl-w%3D.8.1h78j5ug0-ett80fnf09-YWRuXzEwNDQy0FHRwlBJl-w%3D-wp8sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame 868F 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzYwMTLCQhSTA-JiFg%3D%3D-wp6sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzYwMTLCQhSTA-JiFg%3D%3D-wp6sc1%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%2290008%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
advast
ice.360yield.com/ Frame 868F 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22599158&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=1&gdpr_consent=&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!viads.com,105507,1,,,!showheroes.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.114.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:07 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzk3NjPlCs6FF177kg%3D%3D.10.1h78j5ug0-ett80fnf09-YWRuXzk3NjPlCs6FF177kg%3D%3D-wp10sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame 868F 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzEwNDQy0FHRwlBJl-w%3D-wp8sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzEwNDQy0FHRwlBJl-w%3D-wp8sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
service.bidlab.ai/ Frame 868F 		65 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.bidlab.ai/?c=v&m=tag&placementId=178&videotype=VPAID&wPlayer=432&hPlayer=243&ip=80.255.7.104&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F115.0.5790.170+Safari%2F537.36&domain=casho.la&page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&secure=1&language=it&bidfloor=1&gdpr_consent=&gdpr=1&schain=1.0,1!viads.com,105507,1,,,!showheroes.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.108.106 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:12:07 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
65
Content-Type
text/xml
/
ads.viralize.tv/t-bid-opportunity/ Frame 868F 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzExMjY5Q56SXM_CuCM%3D.12.1h78j5ug0-ett80fnf09-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame 868F 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzk3NjPlCs6FF177kg%3D%3D-wp10sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzk3NjPlCs6FF177kg%3D%3D-wp10sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame 868F 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j5ug0-ett80fnf09-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc1%22%2C%22bid_opportunity_id%22%3A%221h78j5ug0-ett80fnf09-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc1%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:07 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
1634065213_mercedes-wind5.ts
cdn.globalsun.io// 		689 KB
690 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.globalsun.io//1634065213_mercedes-wind5.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::19 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
b31de8d3b58d6b51211fa7b4b7b689b34e00d9748eacca357fb71ac4c66243de

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-77-pop
frankfurtDE
date
Mon, 07 Aug 2023 18:12:08 GMT
x-cache
HIT
x-77-cache
HIT
x-age
880308
x-accel-date
1690551620
content-length
705188
x-77-nzt
AcO1qhGAnkP/tG4NAA
x-accel-expires
@1691588420
last-modified
Tue, 12 Oct 2021 19:00:14 GMT
server
CDN77-Turbo
etag
"ac2a4-5ce2c749ecb80"
x-77-nzt-ray
4c1562242a4ba445f833d1643a074f25
vary
Origin
content-type
text/vnd.trolltech.linguist
access-control-allow-origin
https://www.casho.la
accept-ranges
bytes
video8.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		467 KB
468 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video8.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
fba149d48c297fb10215569731ae09a2d630aadaf2963f78f870930c001cf48a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:09 GMT
cdn-edgestorageid
1054
cdn-storageserver
DE-169
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
477896
last-modified
Mon, 09 Jan 2023 09:55:07 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
520
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
51784751d40bb5e773dbccbc5ef3bda4
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
ads
pagead2.googlesyndication.com/gampad/ Frame 722D 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F22082859479%2C22821854111%2Fcasho_la_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1464505489357817&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4222459873&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=11071&dt=1691431929128&scor=2179161935521218&ged=ve4_td22_tt18_pd22_la22000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:09 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
csi
csi.gstatic.com/ Frame 722D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16w46z&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:09 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
s
kvt.sddan.com/api/v1/public/p/29567/d/50/ 		0
0
bid
aax.amazon-adsystem.com/e/dtb/ 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=EsvKZuUwILj7z&cb=1&ws=1600x1200&v=23.725.1446&t=3500&slots=%5B%7B%22sd%22%3A%2263612cb48934e21c346d92b8-1104%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%2C%22160x600%22%5D%2C%22sn%22%3A%22%2F21726375739%2C22687808135%2FVM_635ba897fb8ea73a414646e5%22%7D%5D&schain=1.0%2C1!venatus.com%2C62693fbe0036ac21aee6add7%2C1%2C%2C%2C&gpp_sid=%5B-1%5D&pubid=70247b00-ff8f-4016-b3ab-8344daf96e09&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A5100%7D
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
YJ9YC3B85SDEY56X0TAC
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
vTR8ZbT4-Tj-i8rsXSOFlNN6aqzReDNVAjmdmQezMHV17edSon1X3Q==
%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2270247b00-ff8f-4016-b3ab-8344daf96e09%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrar...
aax.amazon-adsystem.com/x/px/p/PH/ 		43 B
415 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/x/px/p/PH/%7B%22_tl%22%3A%22aps-tag%22%2C%22_type%22%3A%22featureUsage%22%2C%22src%22%3A%22kraken%22%2C%22pubid%22%3A%2270247b00-ff8f-4016-b3ab-8344daf96e09%22%2C%22p%22%3A%5B%7B%22cat%22%3A%22log%252Flibrary%252FdidUseFeature%22%2C%22feat%22%3A%22cancelled%22%7D%5D%2C%22u%22%3A%22https%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F%22%2C%22lv%22%3A%2223.725.1446%22%7D
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:09 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 3a4b7ff21260552f6982d2003fec9c84.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
8S2AF3K17YPWCVT9TGRJ
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
no-cache
content-length
43
x-amz-cf-id
AvmfEkxWGLiIByk8ttrIFE3vMCHGg1QCCVSVv9k1Mggf27-ztIf1kw==
c
prebid.a-mo.net/a/ 		0
275 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:09 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
32
server
envoy
vary
origin, Accept-Encoding
/
ghb1.adtelligent.com/v2/auction/ 		1 KB
937 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ghb1.adtelligent.com/v2/auction/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
185.239.173.210 -, , ASN (),
Reverse DNS
Software
Adtelligent /
Resource Hash
8824e6b4f933d1c25b437ed6aa53a735c07eee6bb65b2b3405d86577971d274d

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Aug 2023 18:12:09 GMT
Content-Encoding
gzip
Server
Adtelligent
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.casho.la
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
X-Robots-Tag
noindex
Content-Length
630
/
prebid.smilewanted.com/ 		0
0
pb
ad.360yield.com/1602/ 		0
99 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/1602/pb
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.114.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:09 GMT
access-control-allow-credentials
true
fastlane.json
fastlane.rubiconproject.com/a/api/ 		542 B
749 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=11740&site_id=39550&zone_id=1078234&size_id=15&alt_size_ids=10&p_pos=atf&rp_schain=1.0,1!themoneytizer.com,88435,1,,,&eid_id5-sync.com=0%5E1%5E&eid_pubcid.org=0c974440-dd3e-46f6-b53f-0fbf20d340ea%5E1&rf=https%3A%2F%2Fwww.casho.la&kw=93644&tg_i.domain=casho.la&tg_i.page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.name=casho.la&tg_i.siteid=93644&tg_i.pbadslot=%2F93644%2Fcasho.la%2Fdesktop%2F26323&tk_flint=pbjs_lite_v8.6.0&l_pb_bid_id=16729870722faa9b&p_screen_res=1600x1200&rp_floor=0.01&rp_secure=1&rp_maxbids=1&p_gpid=%2F93644%2Fcasho.la%2Fdesktop%2F26323&slots=1&rand=0.8493439027893324
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
7443a93d05bbf88bd0feee40ae15733e530717f8a5f0093570eb5ab8e11dbe62

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:09 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
542
expires
Wed, 17 Sep 1975 21:32:10 GMT
bid-request
a.teads.tv/hb/ 		16 B
379 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://a.teads.tv/hb/bid-request
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.49 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-49.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:09 GMT
content-encoding
gzip
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version-List, Sec-CH-UA-WoW64
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
42
expires
Mon, 07 Aug 2023 18:12:09 GMT
prebid-request
onetag-sys.com/ 		15 B
359 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.38.120.206 Hessen, Germany, ASN16276 (OVH, FR),
Reverse DNS
ip206.ip-51-38-120.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
content-type
application/json
access-control-allow-origin
https://www.casho.la
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
cache-control
no-transform, no-cache
access-control-allow-credentials
true
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
prebid
ib.adnxs.com/ut/v3/ 		18 KB
9 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
fa18ee87b33449eaeb965c5661dc9b78a911510b48222fe3b1443c825a7924d5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:09 GMT
content-encoding
gzip
an-x-request-uuid
eb6604a4-765f-4105-a99d-f4c544276425
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
vary
Accept-Encoding
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		181 B
528 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&PageUrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&PageReferrer=https%3A%2F%2Fwww.google.com%2F
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
a954dbf8547ecb70b99d458d56f9ddf8b875c2363edbde8182eb7c1706ca5d27
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:09 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
34
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
181
expires
0
hb
ssc.33across.com/api/v1/ 		67 B
108 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ssc.33across.com/api/v1/hb?guid=d5jv24zaar7ikjrkHcnnVW
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
76.20.149.34.bc.googleusercontent.com
Software
/ 33Across
Resource Hash
ba5ea92913e3afc69217da94c109c8f4b1a6ae2de906375495bcffbc71792052

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:09 GMT
content-encoding
gzip
via
1.1 google
x-powered-by
33Across
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
status
200 OK
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
prebid
mp.4dex.io/ 		60 B
461 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 07 Aug 2023 18:12:09 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
content-encoding
gzip
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1015
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f317c79ae604d25-FRA
expires
0
cdb
bidder.criteo.com/ 		0
191 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=136&profileId=185&av=36&wv=8.6.0&cb=73093060583
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:09 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
ROS
pbjs.e-planning.net/pbjs/1/2a156/1/www.casho.la/ 		415 B
736 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pbjs.e-planning.net/pbjs/1/2a156/1/www.casho.la/ROS?rnd=0.39241293187579673&e=26323%3A300x250%2C300x600&ur=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pbv=8.6.0&ncb=1&vs=F&crs=UTF-8&fr=https%3A%2F%2Fwww.google.com%2F&e_id5id=%257B%2522uid%2522%253A%25220%2522%252C%2522ext%2522%253A%257B%2522linkType%2522%253A0%252C%2522pba%2522%253A%2522gS9OtE5Q9krRRjmqGEblIw%253D%253D%2522%257D%257D&e_pubcid=0c974440-dd3e-46f6-b53f-0fbf20d340ea
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
193.3.178.4 , United States, ASN399668 (E-PLANNING-, US),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
5b123b7eae1cbb110a2e2a955b2b6bb7a3bb543b58346c2ece086c8d67f61547

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

expires
Mon, 07 Aug 2023 18:12:09 GMT
date
Mon, 07 Aug 2023 18:12:09 GMT
server
openresty
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
access-control-allow-origin
https://www.casho.la
content-type
application/json
cache-control
max-age=0, no-cache
access-control-allow-credentials
true
content-length
415
x-sid
AMS-929
moneybid.js
ads.themoneytizer.com/bidder1/ 		628 B
758 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.themoneytizer.com/bidder1/moneybid.js?siteid=93644&adid=3&formatid=26323&size=desktop
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6ea0:c700::18 Frankfurt am Main, Germany, ASN60068 (CDN77 ^_^, GB),
Reverse DNS
Software
CDN77-Turbo /
Resource Hash
134585e07c76bc75c0b03610f5ab17a2b791ccca69fed16fa0b5bc1bd6bfb578

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-77-nzt
AZySIYs6LPHB
x-accel-expires
@1692036729
date
Mon, 07 Aug 2023 18:12:09 GMT
x-77-pop
frankfurtDE
content-encoding
gzip
server
CDN77-Turbo
x-77-nzt-ray
cf878727428580e6f933d1647ac27033
vary
Accept-Encoding, Origin
x-cache
MISS
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
x-77-cache
MISS
cache-control
max-age=604800
bids
prebid-us.creativecdn.com/bidder/prebid/ 		0
175 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-us.creativecdn.com/bidder/prebid/bids
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.184.10.30 , Poland, ASN203690 (RTB-HOUSE-ASH, PL),
Reverse DNS
ip-185-184-10-30.rtbhouse.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:10 GMT
access-control-allow-credentials
true
vary
Origin
access-control-max-age
3600
access-control-allow-methods
POST
/
b1h.zemanta.com/api/bidder/prebid/bid/ 		0
118 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://b1h.zemanta.com/api/bidder/prebid/bid/
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
64.202.112.127 , United States, ASN23352 (SERVERCENTRAL, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Access-Control-Allow-Credentials
true
adreq
ads.servenobid.com/ 		646 B
666 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=4996
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
99.81.161.232 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-99-81-161-232.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ecbc1b07cb2761e6e400e66268e4c7413c14b15d9c7220d1f930fa80e317b50d

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:09 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
events
bidder.criteo.com/csm/ 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Aug 2023 18:12:09 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
/
ads.viralize.tv/player/ Frame 0CB3 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&_timestamp=1691431922066&sid=01ee354de8a96ec0ec105a2beb1ac0b2&experiment=ops.v&ahd=1&enable_branding=0&schain=1.0,1!viads.com,105507,1,,,&player_session=%7B%22page_id%22%3A%220189d132ef7431653af555e734d905e0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A4566%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&r=https%3A%2F%2Fwww.google.com%2F&pub_platform=&dd=casho.la&sc=2&gdpr=1&cs=&cmp=timeout&us_privacy=1---
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.56ff929a.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
06e5f610688549c5a9568a7b86890f008bff187d18b1d4263f6df69fb4ccd578

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame F8EF 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
42468
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame F8EF 		101 B
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 18:12:10 GMT
age
1058864
detected-user-agent
Chrome/115.0.0
useragent_normaliser
chrome/115.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
105
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jul 2023 22:12:52 GMT
fastly_service_version
222
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/115.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame F8EF 		345 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Mon, 07 Aug 2023 18:12:10 GMT
viralize_player.min.91ae55f5.js
monetize-static.viralize.tv/ Frame F8EF 		400 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_player.min.91ae55f5.js?e=ops
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
ea9b76a337c18067d0646a24aa3c1e5d792f08882182bcac39fc0b613a951cbb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdso_U5-BQwjz594diuK1KQTerbdciH8VEcEHHNXIHrmq0wYjCtusY6YsiIEZfhUndfynuaRNg2a7oNOqH4AqjXUZg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
115590
last-modified
Mon, 07 Aug 2023 07:43:44 GMT
server
UploadServer
etag
"91ae55f5c3aa02e4720ace777ea4b835"
vary
Accept-Encoding
x-goog-generation
1691394224820970
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=NZMkiw==, md5=ka5V9cOqAuRyCs53fqS4NQ==
cache-control
public, max-age=2592000
x-goog-stored-content-length
409561
accept-ranges
bytes
expires
Wed, 06 Sep 2023 18:12:10 GMT
/
sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/ Frame EB38 		61 B
246 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.richaudience.com/dcf3528a0b8aa83634892d50e91c306e/?ord=2908609224
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
162.55.233.28 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.28.233.55.162.clients.your-server.de
Software
nginx/1.14.1 / PHP/8.2.4
Resource Hash
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:12:07 GMT
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
server
nginx/1.14.1
x-powered-by
PHP/8.2.4
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame 23F9 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=2058&dcid=4&iscname=false&cname=&gdpr=1&gdpr_consent=
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:10 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
usync.html
eus.rubiconproject.com/ Frame F1A4 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&us_privacy=1---
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 07 Aug 2023 18:12:10 GMT
ETag
"403b9-119-5ec73a0a33d00"
Last-Modified
Wed, 02 Nov 2022 02:30:44 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
2x2
ad.yieldlab.net/d/6846326/766/ Frame E590 		61 B
372 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/d/6846326/766/2x2?ts=1691431926725&type=h&gdpr=1
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Connection
keep-alive
Content-Language
de-DE
Content-Length
61
Content-Type
text/html;charset=UTF-8
Date
Mon, 07 Aug 2023 18:12:10 GMT
Expires
Sun, 06 Aug 2023 18:12:10 GMT
Pragma
no-cache
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 23F9 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=2058&dcid=4&iscname=false&cname=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 23F9 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=2058&dcid=4&iscname=false&cname=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=2058&dcid=4&iscname=false&cname=&gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"0dec18a9648b57994b6d38816a4f0f72:1688378499.453464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 23F9 		157 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=2058&dcid=4&iscname=false&cname=&gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
86ec23821217734d74230a6907152bdaf190cfe1f1c6b3490c6ad76d902727a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?hasrtb=true&nwid=2058&dcid=4&iscname=false&cname=&gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"e10b5582af97aec7baf13d0edfb2a28d:1688378499.797211"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4237
usync.js
eus.rubiconproject.com/ Frame F1A4 		34 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&us_privacy=1---
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
88.221.169.246 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a88-221-169-246.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&us_privacy=1---
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 07 Aug 2023 01:15:59 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
Content-Type
text/html; charset=UTF-8
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=25453
Connection
keep-alive
Content-Length
10115
Expires
Tue, 08 Aug 2023 01:16:23 GMT
prebid.min.8767321a.js
monetize-static.viralize.tv/ Frame F8EF 		461 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/prebid.min.8767321a.js?e=ops
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
2ac194d6713ab93b6db5a93acd42bdd04893c76ebe404eced269e696fd25d20a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsm77dKEiebMzpG0voAWQBVjxLHObngxEYjiM1e9U7489IiYltO5mYtaS0st8StnDMmp1ZXX9u32fMyxbBppH-4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
149442
last-modified
Mon, 17 Jul 2023 08:34:42 GMT
server
UploadServer
etag
"8767321aa946fab11b7849c3c8cab276"
vary
Accept-Encoding
x-goog-generation
1689582882143487
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=xXO4Yg==, md5=h2cyGqlG+rEbeEnDyMqydg==
cache-control
public, max-age=2592000
x-goog-stored-content-length
471945
accept-ranges
bytes
expires
Wed, 06 Sep 2023 18:12:10 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame F8EF 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:09 GMT
content-encoding
gzip
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
2
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
7YkkL81NW38QI95aoYtzuvVMiLf8H-Xj4uSUf73xqPdcQZ4mUtEwDg==
genericpost
ww1097.smartadserver.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type,save-data
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type,save-data
access-control-allow-methods
GET,HEAD,POST
access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:10 GMT
vary
Origin
genericpost
ww1097.smartadserver.com/ 		2 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ww1097.smartadserver.com/genericpost
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
5.135.209.97 Oignies, France, ASN16276 (OVH, FR),
Reverse DNS
ip97.ip-5-135-209.eu
Software
/
Resource Hash
115e80ae38a9ca9fa929074866c80133cf841928cb21ae783e86ea756e03f5e2

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
Save-Data
off
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
content-type
application/javascript

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
/
c.tmyzer.com/c/ 		0
280 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.tmyzer.com/c/?s=93644&f=3&fi=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
54.38.64.100 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
server
nginx
x-iplb-request-id
50FF0768:D552_36264064:01BB_64D133FA_30B2575:2A84
x-iplb-instance
24857
transfer-encoding
chunked
content-type
text/html; charset=UTF-8
access-control-allow-origin
*
geo
rbx
config
c.amazon-adsystem.com/cdn/prod/ Frame F8EF 		0
305 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5044&u=https%3A%2F%2Fwww.casho.la
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:05 GMT
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
4
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.casho.la
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
TvHJ64-d6wa9fkOa-d14x8Yjg8QeHbbijslbSjQlAW0L78W1vubBzw==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame F8EF 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 06:23:09 GMT
x-amz-cf-pop
FRA56-P3
age
42542
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
7SxWLsOfy0_rui7_sbMKZzt3WLu99MkSi8cXeU92oDqXjou2TMldXw==
bid
aax.amazon-adsystem.com/e/dtb/ Frame F8EF 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5044&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=u1wxO7Nz23C3A&cb=0&ws=0x0&v=23.725.1446&t=2000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!viads.com%2C105507%2C1%2C%2C%2C!viralize.com%2C4704%2C1%2C%2C%2C&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
09BDYNR5JZZRWNB6GZQ0
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
KaIKG1cfJjCGCf0cokUAnE96ZZYkGVwehC0NkrxjeE7As2kuDr2sxw==
v1
prg.smartadserver.com/prebid/ Frame F8EF 		296 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
19d462753622cb54a31c01de3fe6962c477f3818f8fc5b748501380f03216c68

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:09 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
13521553
ad.yieldlab.net/yp/ Frame F8EF 		2 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/yp/13521553?ts=1691431930351&json=true&pvid=true&schain=1.0,1!viads.com,105507,1,,,,!showheroes.com,4704,1,,,,&pubref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=true&consent=undefined
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.casho.la
Content-Language
de-DE
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length
22
Expires
Sun, 06 Aug 2023 18:12:10 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame F8EF 		173 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
019fb4fc54a92b4315c07c77c7899f58f932b5c84b9d151fb5b273d9bb0f3e66

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
Expires
0
openrtb
adx.adform.net/adx/ Frame F8EF 		0
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:10 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
prebid-server.rubiconproject.com/openrtb2/ Frame F8EF 		173 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
019fb4fc54a92b4315c07c77c7899f58f932b5c84b9d151fb5b273d9bb0f3e66

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
Expires
0
/
shb.richaudience.com/hb/ Frame F8EF 		4 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame F8EF 		173 B
464 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
019fb4fc54a92b4315c07c77c7899f58f932b5c84b9d151fb5b273d9bb0f3e66

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
Expires
0
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzU5ODEi0aXgDt_c3Q%3D%3D.8.1h78j62cf-2n6frkl46eo-YWRuXzU5ODEi0aXgDt_c3Q%3D%3D-wp8sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzc0MDWhxEhzsbF3TA%3D%3D.1.1h78j62cf-2n6frkl46eo-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp1sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzc3NDaIulcrXplK3w%3D%3D.3.1h78j62cf-2n6frkl46eo-YWRuXzc3NDaIulcrXplK3w%3D%3D-wp3sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzEwMzc0fJMvjj54k9c%3D.11.1h78j62cf-2n6frkl46eo-YWRuXzEwMzc0fJMvjj54k9c%3D-wp11sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzEwOTcw9TAwGGdI07c%3D.9.1h78j62cf-2n6frkl46eo-YWRuXzEwOTcw9TAwGGdI07c%3D-wp9sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzYwMTRs6FL84r-upw%3D%3D.6.1h78j62cf-2n6frkl46eo-YWRuXzYwMTRs6FL84r-upw%3D%3D-wp6sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzEwOTY3oRqpCV20W9A%3D.4.1h78j62cf-2n6frkl46eo-YWRuXzEwOTY3oRqpCV20W9A%3D-wp4sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzQ3MjISXlnO0Pe6nA%3D%3D.2.1h78j62cf-2n6frkl46eo-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp2sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
advast
ad.360yield.com/ Frame F8EF 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/advast?p=22894085&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=1&gdpr_consent=&vast_version=3&vpaid_version=2&video_format_type=outstream
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.114.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:10 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzExMzUzBg16G9zvAFA%3D.5.1h78j62cf-2n6frkl46eo-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ads
pagead2.googlesyndication.com/gampad/ Frame 722D 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21928950349%2C22821854111%2Fcasho_la_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1464505489357817&adsafe=medium&hl=en&vpos=preroll&cust_params=KV1%3D0.60%26max_ad_duration%3D900&ad_type=audio_video&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&vpa=auto&vpmute=0&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4222459873&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=11071&dt=1691431930479&scor=425343584011852&ged=ve4_td23_tt19_pd23_la23000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/track/ Frame F8EF 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp1sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp1sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzc3NDaIulcrXplK3w%3D%3D-wp3sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzc3NDaIulcrXplK3w%3D%3D-wp3sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzEwOTY3oRqpCV20W9A%3D-wp4sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzEwOTY3oRqpCV20W9A%3D-wp4sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzU5ODEi0aXgDt_c3Q%3D%3D-wp8sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzU5ODEi0aXgDt_c3Q%3D%3D-wp8sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzEwOTcw9TAwGGdI07c%3D-wp9sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzEwOTcw9TAwGGdI07c%3D-wp9sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame F8EF 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzEwMzc0fJMvjj54k9c%3D-wp11sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzEwMzc0fJMvjj54k9c%3D-wp11sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp2sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp2sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
advast
ice.360yield.com/ Frame F8EF 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22599158&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=1&gdpr_consent=&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!viads.com,105507,1,,,!showheroes.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.114.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:10 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzk3NjPlCs6FF177kg%3D%3D.7.1h78j62cf-2n6frkl46eo-YWRuXzk3NjPlCs6FF177kg%3D%3D-wp7sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
csi
csi.gstatic.com/ Frame 722D 		0
17 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll16wdcd&c=960899130579&slotId=480449565289.5&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4008:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:10 GMT
last-modified
Wed, 21 Jan 2004 19:51:30 GMT
server
Golfe2
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
ads.viralize.tv/track/ Frame F8EF 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzYwMTRs6FL84r-upw%3D%3D-wp6sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzYwMTRs6FL84r-upw%3D%3D-wp6sc2%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%2290008%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptv
secure.adnxs.com/ Frame F8EF 		27 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=22864712&vplaybackmethod=2&referrer=casho.la&gdpr=1&gdpr_consent=&cb=1691431930&schain=1.0,1!viads.com,105507,1,,,!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:10 GMT
an-x-request-uuid
b6595d2c-2ec0-47cf-88a7-b1830ea99924
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
27
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzEwNDQy0FHRwlBJl-w%3D.10.1h78j62cf-2n6frkl46eo-YWRuXzEwNDQy0FHRwlBJl-w%3D-wp10sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame F8EF 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzk3NjPlCs6FF177kg%3D%3D-wp7sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzk3NjPlCs6FF177kg%3D%3D-wp7sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
service.bidlab.ai/ Frame F8EF 		65 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.bidlab.ai/?c=v&m=tag&placementId=178&videotype=VPAID&wPlayer=432&hPlayer=243&ip=80.255.7.104&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F115.0.5790.170+Safari%2F537.36&domain=casho.la&page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&secure=1&language=it&bidfloor=1&gdpr_consent=&gdpr=1&schain=1.0,1!viads.com,105507,1,,,!showheroes.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.108.106 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:12:10 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
65
Content-Type
text/xml
/
ads.viralize.tv/t-bid-opportunity/ Frame F8EF 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzExMjY5Q56SXM_CuCM%3D.12.1h78j62cf-2n6frkl46eo-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc2
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame F8EF 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzEwNDQy0FHRwlBJl-w%3D-wp10sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzEwNDQy0FHRwlBJl-w%3D-wp10sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame F8EF 		0
0
CookieSync.html
csync.smartadserver.com/diff/rtb/csync/ Frame 4F0B 		435 B
744 B 		Document
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=14&gdpr=1&gdprc=
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
435
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:10 GMT
ETag
"4b81e967df07d41c24270ccf669f7336:1645524911.683358"
Last-Modified
Tue, 22 Feb 2022 09:59:54 GMT
Server
AkamaiNetStorage
script.js
acdn.adnxs-simple.com/strikeforce/ Frame 0215 		125 KB
44 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs-simple.com/strikeforce/script.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 10:24:12 GMT
Server
nginx/1.18.0 (Ubuntu)
ETag
"64ad2dcc-1f24a"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Length
44995
Expires
Tue, 08 Aug 2023 18:12:12 GMT
nmedianet.js
contextual.media.net/ Frame 0215 		93 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/nmedianet.js?cid=8CU42D0G6&ydspr=1
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
c7f7d8cf6b996acb9c8096f50b079594d5dc19f3338bd9ca463da608efd1e067
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-mnt-h
22-vx5n
strict-transport-security
max-age=31536000
content-encoding
gzip
date
Mon, 07 Aug 2023 18:12:11 GMT
server
Apache
etag
"8c5e99650bdc71d1c6399801fc36d208"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
cache-control
max-age=300
x-mnt-w
22-qc9v
timing-allow-origin
*
content-length
35840
expires
Mon, 07 Aug 2023 18:17:11 GMT
log
qsearch-a.akamaihd.net/ Frame 0215 		35 B
296 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://qsearch-a.akamaihd.net/log?logid=kfk&evtid=dmmra&acid=41d25228dd4c4da7ab8a5c7618841d24&algo=unison12&bdp=0.0100&bidfp=0.0000&capd=0&cc=DE&cid=8CU62QK31&crid=755701432&ct=Undenheim&dc=eu_be&dfpbd=0.0056&dn=casho.la&iwb=1&ogcbdp=0.0100&other_bids=0.01&other_prv=462&pbshr=100.0000&prdp=0.0056&requrl=casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&sat=1&sc=RP&sc_pvid=462&send_erpm=true&server=1&size=300x250&strg=harmony&totalTime=2816630&ugd=4&ver=9.6.0&cliIP=1358890752&time_stamp=2023-08-07%2018%3A12%3A09&seat=462&itype=appnexus_experiment&req_id=4710900265941101840&dim4=exploration&dfp_bucket=0.0&level_base=0&bdp_bucket=0.0&app_type=prod&br_id=265&o_id=101&ua=Mozilla%2F5.0%20%28Windows%20NT%2010.0%3B%20Win64%3B%20x64%29%20AppleWebKit%2F537.36%20%28KHTML%2C%20like%20Gecko%29%20Chrome%2F115.0.5790.170%20Safari%2F537.36&br_ver=115.0.5790.170&o_ver=NT%2010.0&second_bid=0.0&second_bidder=%2A&model_key=generic_others_2-cid_1&ogerpm=0.0000&ogerpm_used=false&rawbid=0.0100&totalTimeBucket=2&as_cache=1&sub_bidder=0&current_day=1.0&current_hour=18&cut=44&floor_bucket=0.00&model_version=202308060622_generic_others_2-cid_1&erpm_bucket=0.00&mul_ratio=0.0000&dmm_m4=0.0000&ogerpm_wd_bkt=0-1&visibility=0&viewability=0.0700&stid=28085764&pvid_seat=462_462&ckfl=0&mnckfl=0&sd=0&predicted_wr=2.6717&bdp_wider_bucket=1&splid=28085764&dim10=false&dmm_m9=0.0000&log_less=false&cut_bkt=45&dmm_d36=NA&advurl=generalsearch.net%2F&dmm_d10=0.0000&dmm_d22=0.02&bdmm_m5=1.0000&bdmm_m6=1.0000&bdmm_m7=0.6030&bdmm_m12=0.6030&dmm_l=0.1800&dmm_r=0.1800&e_rpm=0.0490&bdr_typ=2&url_l1=joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon&clisp=rtb-common-7bcbc7f598-xzrnm.BE&dmm_m1=2023-08-07%2018%3A12%3A09.830061278&bd_m1=0.0000&bd_m2=0.0000&bd_m3=0.0000&ss_d1=0&ss_d2=0&dmm_m22=0.0000&adtyp=0&gpid_format=DEFAULT&gpid=28085764&gpid_sent=true&pst=EMS&bcrid=450043544&erpm_mult=1.000000&zone=b&rc=-1&sfm_key=System_462&content_context=-1&video_mindur=-1&video_maxdur=-1&vskip=-1&ctr=-1.0&vcmplrt=-1.0&vplcmtt=-1&itype_id=21&wsip=mowx-f9dd579fd-f9pfh&rel_cut_bkt=45&djvm=9.5.8
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2.16.164.91 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
35
Expires
Mon, 07 Aug 2023 18:12:10 GMT
release-20230329-99-adperformance.js
warp.media.net/rtb/resources/ Frame 0215 		71 KB
25 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://warp.media.net/rtb/resources/release-20230329-99-adperformance.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.122.24.29 -, , ASN (),
Reverse DNS
Software
UploadServer /
Resource Hash
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=604800
content-encoding
gzip
date
Mon, 07 Aug 2023 18:12:11 GMT
x-guploader-uploadid
ADPycdt-ZvS1Ng69KUEm5bGJxJYo3adbUJK4J6ysZsmUH8-RjB8SdR6U1w2HqxRloagNZksp-7OciBeCH3y1tmsnAC2Vxg
x-goog-storage-class
STANDARD
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
25080
server
UploadServer
etag
"821663833b8f83b3092ebbca9ed4a6f2"
vary
Accept-Encoding
x-goog-hash
md5=ghZjgzuPg7MJLrvKntSm8g==, crc32c=XNaW9A==
content-type
application/javascript
x-goog-generation
1680095338448196
cache-control
max-age=3600
x-goog-stored-content-length
73074
expires
Mon, 07 Aug 2023 19:12:11 GMT
trk.js
cdn.adnxs.com/v/s/239/ Frame 0215 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.adnxs.com/v/s/239/trk.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:11 GMT
Content-Encoding
gzip
Last-Modified
Tue, 11 Jul 2023 11:56:12 GMT
Server
AkamaiNetStorage
ETag
"615fd4ad24a409f4de5416b603f042c1:1689076572.555276"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=31536000
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
27646
Expires
Tue, 06 Aug 2024 18:12:11 GMT
it
ams3-ib.adnxs.com/ Frame 0215 		0
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ams3-ib.adnxs.com/it?an_audit=0&referrer=https%253A%252F%252Fwww.casho.la%252Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%252F&e=wqT_3QKNBfBMjQIAAAMA1gAFAQj558SmBhDIv5arz4eA0FMYneLapJ_Tr8NPKjYJ-n5qvHSTeD8RSkIibeNPdD8ZAAAAQDMz0z8hSkIibeNPdD8p-n4JJAAxARvI4XqEPzCEnLINOMNGQOpcSOADUJi9zNYBWKScowFgAGip_sYBeO7xBYABAYoBA1VTRJIBAQb0_QGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCueED4ALWl1zqAlVodHRwczovL3d3dy5jYXNoby5sYS9qb2UtYmlkZW4taGludHMtYS1wb3RlbnRpYWwtdGF4LWhpa2Utb24tb2lsLWNvbXBhbmllcy12ZXJ5LXNvb24vgAMAiAMBkAMAmAMXoAMBqgNCEhg0NzEwOTAwMjY1OTQxMTAxODQwX3NiaWQaEzYwMjU4MTY1NjMyMzY4MzkzNjgiCTQ1MDA0MzU0NCoGTTExODgywAPYBMgDANgDqorQAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDSoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJi9zNYBiAUBmAUAoAWQ2tnd0dqesEHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGsPEB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfu8QXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4nKAooIAhAAlQgAAIA_mAgBwAi54QM.&s=1bf096669bb9393c812fe190675bce416fddb383
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:10 GMT
an-x-request-uuid
914fe45c-7071-4167-9728-402b1ab9aebd
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
cmp.js
ced-ns.sascdn.com/diff/js/modules/ Frame 4F0B 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ced-ns.sascdn.com/diff/js/modules/cmp.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=14&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d30 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Last-Modified
Tue, 25 Jul 2023 08:27:40 GMT
Server
AkamaiNetStorage
ETag
"9e933d8729750cb1d59e5a7d678dc74d:1690276515.341544"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=86400
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3066
CookieSync.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 4F0B 		74 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=14&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=14&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"0dec18a9648b57994b6d38816a4f0f72:1688378499.453464"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16507
TemplatePool.min.js
csync.smartadserver.com/diff/rtb/csync/ Frame 4F0B 		157 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://csync.smartadserver.com/diff/rtb/csync/TemplatePool.min.js
Requested by
Host: csync.smartadserver.com
URL: https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=14&gdpr=1&gdprc=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:3500:3::b818:4d48 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
AkamaiNetStorage /
Resource Hash
86ec23821217734d74230a6907152bdaf190cfe1f1c6b3490c6ad76d902727a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://csync.smartadserver.com/diff/rtb/csync/CookieSync.html?nwid=1097&dcid=14&gdpr=1&gdprc=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:10 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Jul 2023 09:30:57 GMT
Server
AkamaiNetStorage
ETag
"e10b5582af97aec7baf13d0edfb2a28d:1688378499.797211"
Vary
Accept-Encoding
Content-Type
application/x-javascript
Cache-Control
max-age=3600
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4237
video9.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		604 KB
605 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video9.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash
65b1c6fb04331563d3abddf74bfde40058fc4734797969a92d0db58e2c60939d

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:10 GMT
cdn-edgestorageid
723
cdn-storageserver
DE-197
cdn-cachedat
01/30/2023 07:35:58
cdn-pullzone
829957
content-length
618144
last-modified
Mon, 09 Jan 2023 09:55:12 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
532
cdn-requestpullcode
206
cdn-proxyver
1.03
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
93ce9641831e9f0541b2951f8271363d
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
trackv4
track-selectmedia.com/ 		0
17 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1459&uuid=0efc03f5-3ed0-4592-9f1e-2089a13bc86c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Aug 2023 18:12:11 GMT
via
1.1 google
referrer-policy
no-referrer-when-downgrade
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
content-type
application/json
access-control-allow-origin
https://www.casho.la
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
access-control-allow-credentials
true
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
trackv4
track-selectmedia.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://track-selectmedia.com/trackv4?bulkV3=true&version=1459&uuid=0efc03f5-3ed0-4592-9f1e-2089a13bc86c
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.117.33.6 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
6.33.117.34.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Accept, Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization
access-control-allow-methods
POST, GET, OPTIONS, PUT, DELETE
access-control-allow-origin
https://www.casho.la
allowedheaders
Accept, Content-Type, Content-Length, Accept-Encoding, Authorization,X-CSRF-Token
allowedmethods
GET , POST , PUT , DELETE , OPTIONS
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-type
application/json
date
Mon, 07 Aug 2023 18:12:11 GMT
referrer-policy
no-referrer-when-downgrade
via
1.1 google
1a
i.clean.gg/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
POST
Origin
https://www.casho.la
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-max-age
1728000
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
content-type
text/plain; charset=utf-8
date
Mon, 07 Aug 2023 18:12:11 GMT
server
nginx/1.21.6
via
1.1 google
1a
i.clean.gg/ Frame 0215 		0
15 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://i.clean.gg/1a
Requested by
Host: acdn.adnxs-simple.com
URL: https://acdn.adnxs-simple.com/strikeforce/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.95.69.49 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
49.69.95.34.bc.googleusercontent.com
Software
nginx/1.21.6 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
application/json

Response headers

date
Mon, 07 Aug 2023 18:12:11 GMT
via
1.1 google
server
nginx/1.21.6
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/octet-stream
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Origin,Accept,X-API-Key
content-length
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
SAFEFRAME.html
contextual.media.net/sr/2722522032/ Frame A885 		69 KB
25 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=n*%7C3%7CnH9A*&VF=9OE96H9EH9gOOgHH9Oc&ftMe=9&CdML=A&qdSQ=x(9c&SFt=ciB6(KA*O&SMSt=BuGfq11I51KIt_gaqUuvp2%3D%3D&SeFt=(H4HO696g&dFTQ=HAA0(4A&SS=K~&dS=Wb&Sa.C=)Z_n-ub&MFt=cX-Z*5-Hn&qMFt=vOZH4(4&aqqMd=9&eee=FWMw_8O)HEAt8HKQ)e.CJr4J.HqV4Vr4JUAdgLv8AyD22xcwOFeUDp)99mXi5ImHOT3exUu0e4IaWXWV4YH(ekUHW*fdCFA9ERDD7i)R*Sb%3D&s8eR=aqqMd%3A%2F%2F888PfrrfGQPSrC&Qs8eR=8gg~2%3AJJWWWPhCChIkPuCb&.dQ=4&G8=9&7ft=6&Ltq9=ciBO(2UH9&Ltq(=g44gA96H(&1tLqL=z103GQ.%3D994cz1aM%3DAz1Ft%3DAPA9Az103Ld.%3D(A9A99z103Q0M%3DAz103fF.d7%3DAz103F.qCt%3DAz103ea%3D6gK~2MIc)Wz103eMS%3DAAAAAA9z103dFTQ%3DHAA0(4Az103qCL0%3D9AAz103qCG3d7RRF0%3D%2FzSFqh%3DBuK~u)~ynzSs3RG%3DAztS%3DfSMDQ7D8Qdq9D1ztCC3t9%3DAztCC3t9A%3DAztCC3t9(%3D9ztCC3t96%3DAztCC3t94%3D9ztCC3t9O%3DHztCC3t9g%3DAztCC3t9c%3D4ztCC3t(%3DvztCC3t(9%3DD9ztCC3t((%3DAPA(ztCC3t(6%3D4ztCC3t(4%3DtQR3tQRztCC3t(c%3D4ztCC3t(E%3DAPAAztCC3tH%3DAztCC3tHA%3DAztCC3tH(%3DAztCC3tHH%3DAztCC3tHO%3DuZztCC3tHg%3DvztCC3t6%3D9AztCC3t6A%3DAztCC3t6(%3DAztCC3t6H%3DAztCC3t66%3DMertztCC3t64%3DAztCC3t6O%3D_ztCC3t49%3DAztCC3t4(%3DAPAAztCC3t4O%3DAztCC3tg%3DAztCC3tc%3DAztCC3G%3DAPA(gztCC3C9%3DAPA6EztCC3C9A%3D9PAAAztCC3C99%3D9PAAAztCC3C9(%3DAPOAHztCC3C9H%3D9PAAAztCC3C96%3D9PAAAztCC3C94%3D9PAA9ztCC3C9O%3DAP9cAztCC3C(%3DAPA64ztCC3C(9%3D9PAAAztCC3C(H%3D9PAAAztCC3C(6%3D9PAAAztCC3C(4%3D9PAAAztCC3C(E%3D9PAAAztCC3CH%3D9PAAAztCC3CHA%3D9PAAAztCC3CH6%3D9PAAAztCC3CHE%3D9gPAAAztCC3C6A%3D9gPAAAztCC3C4%3D9PAAAztCC3C4(%3DAPAg9ztCC3C4H%3D9PAAAztCC3C46%3D4PAAAztCC3C44%3D9PAAAztCC3C4g%3D9PAAAztCC3CO%3D9PAAAztCC3Cg%3DAPOAHztCC3CE%3D9PAAAztCC3e%3DAP9cAzQ3eMC%3DAPA6EzQeMC%3DAPA6EzaS%3DA%20%2B%20AzFaL%3DAzFqhMQ%3DZXXu~mBJ3~mX~_yn~uvzCfF%3D(cAc4gO6ze3SS%3DK~ze3FM%3DcAP(44PgPAze3dS%3D_Xze1r%3D43HzeQR3S.q%3DAzdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzdqt%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(HzV1e%3DAzVFdF1FGFqh%3DAzS1tM%3DAPAAOzFqhMQ3Ft%3D(9zdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzd7MMGh3qLf3Ft%3D(cAc4gO6zVFQ8L1FGFqh%3DAPAgA4gEzMrd%3DAzSLeeFQeyt%3DAzrf1Ft%3DAPA9Az1RGe%3DAPAAAztqS%3DQ731QztCC3QeMC%3DRLGdQztCC%3DaLeCr.hz1tMSLMt%3DAztLGf%3D7.Fdr.9(zF.dG%3DAzdr1M%3DzaqCG%3D9ztS7q%3D64ztrf1%3DAD9zF1S%3D9z&.qV=A&1teyt=6O(&CSR=6AgOc&htdMe=9&sLqMeQ=9&sLq1Ft=D9AH&SLtrCLF.=qT_DaxSGDxcUq-x6kjrFiUacqSHZMT7HMYcFMAQ6XT~%3D&hMGM=9&FdFt=H&LtV=*Q.QeLG%20JQLeSa&MfFt=M9(AA(A(E69cq(A(HAcAg9c9(&ddGt=%7B%22ddFM%22%3A%22cAP(44PgPA%22%2C%22ddSS%22%3A%22K~%22%2C%22dddS%22%3A%22_X%22%2C%22ddSqh%22%3A%22B.tQ.aQFC%22%7D&aqCGdeS=9&qSR3SCM=9
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
3073de612585b22c6a0468628ffbc95951dea16f36cf4fcfa2fb9955bcb64548
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=0, no-cache, no-store
content-encoding
gzip
content-length
25324
content-type
text/html
date
Mon, 07 Aug 2023 18:12:11 GMT
expires
Mon, 07 Aug 2023 18:12:11 GMT
pragma
no-cache
strict-transport-security
max-age=31536000
timing-allow-origin
*
vary
Accept-Encoding
x-sc-h
22-fdz5
checksync.php
contextual.media.net/ Frame 5C26 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?&gdpr=1&usp_status=0&ckdel=1&cs=2&cv=31&cid=8CU42D0G6&https=1&itype=CM
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
bc72f5e19ff448a15a1ea9a4903a69c96ed35b5b3d5828cdafb0a972aa2c171e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
5916
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:12:11 GMT
expires
Wed, 09 Aug 2023 18:12:11 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
bping.php
lg3.media.net/ Frame 0215 		35 B
176 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bping.php?vgd_len=2406&&vgd_cdv=1043&vgd_cage=0&vgd_tsce=L218&vgd_mcf=40768&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU42D0G6&crid=235364147&vi=1691431931766733168&ugd=4&lf=6&kwrf=https%3A%2F%2Fwww.google.com&cc=DE&sc=BY&lper=100&wsip=170785041&r=1691431931108&rrr=iBpqRw6H390dw3DeHrnmSo5Sn3tv5vo5SK0s7aTw0I-QQL8q6irK-FH11XPCWjX36z_rLKNxr5jhBPBv5V32rJK3BGgsmi019f--uCHfGcY%3D&requrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&vgde_bdata=~G-MjJzvuuXW~GwEv9~G8Ov9.9u9~G-M1Qzvf9u9uu~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vPIr4Iq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9f~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9fh~OYYMYuv9.9Hi~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.F9A~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.99u~OYYMYuFv9.uW9~OYYMYfv9.9HX~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAivuh.999~OYYMYH9vuh.999~OYYMYXvu.999~OYYMYXfv9.9hu~OYYMYXAvu.999~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.F9A~OYYMYivu.999~OYYMLv9.uW9~JMLEYv9.9Hi~JLEYv9.9Hi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPbM4t04DVc4I_~Yy8vfW9WXhFH~LMNNvr4~LM8EvW9.fXX.h.9~LMQNvD0~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~Q7OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~eGLv9~e8Q8G8j875v9~NGOEv9.99F~875EJM8Ovfu~QJjjJLM71yM8OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~QxEEj5M71yM8OvfW9WXhFH~e8JB1G8j875v9.9h9Xhi~EmQv9~N1LL8JLVOv9~myG8Ov9.9u9~GkjLv9.999~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~8zQjv9~QmGEv~w7Yjvu~ONx7vHX~OmyGv9ou~8GNvu~&ssld=%7B%22QQ8E%22%3A%22W9.fXX.h.9%22%2C%22QQNN%22%3A%22r4%22%2C%22QQQN%22%3A%22D0%22%2C%22QQN75%22%3A%22PzOJzwJ8Y%22%7D&vgd_ydspr=1&vgd_sbSup=1&vgd_is_amp=0&vgd_asn=201011&vgd_rakh=1691431930153105195&vgd_l1rhst=contextual.media.net&vgd_rpth=%2Fnmedianet.js&vgd_hb_audit_1=8CU62QK31&vgd_hb_audit_2=755701432&vgd_pgid=p12002029418t202308071812&vgd_pgids=1&vgd_pa=tcf&vgd_uspa=0&vgd_mspa=0&vgd_mspad=a&hvsid=00001691431931104013588907526363&gdpr=1&mspa=0&vgd_l2type=scs_newfl&vgd_end=1
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.122.24.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Mon, 07 Aug 2023 18:12:11 GMT
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 07 Aug 2023 18:12:11 GMT
checksync.php
contextual.media.net/ Frame 3FAC 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=10&cv=31&https=1&cid=8CU62QK31&prvid=99%2C77%2C20000%2C2033%2C262%2C460%2C461%2C462%2C3018%2C246%2C4%2C313%2C10000%2C459%2C229%2C9%2C319&itype=APPNEXUS_EXPERIMENT&purpose1=1&gdprconsent=0&gdpr=1&coppa=0&usp_status=0&usp_consent=1
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
46a9498a256ffb13b195540b7b5918c9830333f170f3f61ba8041a305996406b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
max-age=172800
content-encoding
gzip
content-length
8034
content-type
text/html; charset=UTF-8
date
Mon, 07 Aug 2023 18:12:11 GMT
expires
Wed, 09 Aug 2023 18:12:11 GMT
server
Apache
strict-transport-security
max-age=31536000
vary
Accept-Encoding
x-mnet-hl2
E
clog
hblg.media.net/ Frame 0215 		35 B
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hblg.media.net/clog?logid=awlog&pixel_len_bucket=5329&lper=1&itypeid=21&itype=APPNEXUS_EXPERIMENT&cc=DE&cid=8CU62QK31&reqid=4710900265941101840&vid=4710900265941101840&dn=casho.la&rawDn=casho.la&pid=8PR113JGC&ugd=4&fleet=common&requrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&cliIPType=v4&coppa_status=N&coppa_applied=N&coppa_enf=true&lmt_enf=true&dnt_status=N&dnt_enf=false&geo_source=2&sc=RP&ct=Undenheim&zip=55278&pubid=pub-appnexus-exp-eu&tgtval=pub-appnexus-exp-eu&csip=rtb-common-7bcbc7f598-xzrnm.BE&dtc=eu_be&zone=b&ptype=23&tmax=150&xtmax=142&gdpr=1&gpp_present=false&csex=0&app=0&sat=1&devbrand=Unknown&devmodel=Unknown&device_id=4&asn=201011&sckfl=1&smbrid=9027&usp_status=0&usp_enf=1&mspa_enforced=false&pexid=APPNEXUS_EXPERIMENT-2235603&geoll=false&is_ortb=true&s_ip=185.89.211.11&s_city=amsterdam&commit_id=15ab34a6&ocurr=USD&omul=1.0&currsrc=API&currsrc_date=2023-08-04+00%3A00%3A00&schain_cmpl=1&schain_nodes_count=2&dummy_vsid=false&second_call=false&supply_cc=DE&ipcc=DE&is_msnnative_src=false&rtttime=16&req_tid_present=true&pvid=462&prvAccId=235364147&prvApiId=8CU42D0G6&adj0=0.0&adj1=0.0&adj2=0.0&pst=0&crid=755701432&prspt=headerBid&prvReqId=26938159299907_233253857_75570143224621&reqsize=300x250&size=300x250&chnl=HARMONY&bdp=0.010&cbdp=0.006&og_cbdp=0.010&ogbdp=0.01&pv_adtype=0&res_mtype=0&mnet_ckfl=0&ckfl=0&be=0&advUrl=https%3A%2F%2Fgeneralsearch.net&dfpBd=0.006&dt=O&dbf=1&epc=235364147&s=1&snm=SUCCESS&pcrid=8CU42D0G6-235364147-32-2&tpbTkn=false&exid=220&bidflr=0.000&pbidflr=0.000&opbidflr=0.000&spbf=0&viewability=7&sbdrid=99&exp=ssProfile%3D0%7Csfl%3Dfalse%7CssBucket%3D0%7Cbfl%3D-100%7Csch%3D1%7Cclt%3D3%7Ctpi%3D1%7Cfl_rl%3D1%7Cdbr%3D1%7Csfl%3Dfalse%7Cbfl%3D-100%7Ctpi%3D1&mnrf=0&ortbseat=462&brsrclk=0&bidrestime=1691431929827&fpuReq=1&bfs=103&acsn=1&dmm_erpm=true&dmm_ogerpm=false&bcrid=450043544&strg=HARMONY&stagid=28085764&vls=0&scrid=450043544&mang=1&pvdTmax=103&fpusp=false&ae=false&epcexp=false&moau=true&ucrid_ver=2&omid=0&mnet_static_share=0.0&apTags%3C%3E=75&apPrfs%3C%3E=62%23%2365%23%2313%23%2316%23%2343%23%2361&incentive_type=0&aogbdp=0.0&spIvt=3&spSource=0&spTo=3&spIsReq=3&spFst=0&spCst=0&mx_sbp=-10.0&mx_sua_cvg=0000000&mx_tid_sent=false&mx_epbc=8CU42D0G6&mx_SPRIG=0&mx_bsBucket=0&mx_ssProfile=0&mx_lr=0&mx_TAS=1&mx_ep_sent%3C%3E=badv&mx_g_one_uid_sent=None&mx_uid_sent=0&mx_bsBucketRa=0&mx_sid=8CU42D0G6&mx_SC=1&mx_lr_seg_deal=0&mx_aqcpl_crid=0&mx_nsz=2&mx_GCID=0&mx_maq_call=false&mx_aurt=0&mx_bsBucketKtwRl=0&mx_divid=28085764&mx_tgs=300x250%7C300x600&mx_bsProfileRa=0&mx_IAB2=0&mx_gpid_format=DEFAULT&mx_bss_algos%3C%3E=0&mx_aurl_hc=0&mx_aabpc=0&mx_PC=1&mx_UCC=1&mx_gpid=28085764&mx_isLossNtf=false&mx_bsProfileKtwRl=0&mx_bsProfile=0&mx_ssBucket=0&mx_TAF=3&mx_gpid_sent=true&mx_commit_id=e3a512bc44&ydsp_test_id_entity=121&ydsp_bucket_id_entity=411&ydsp_bucket_name_entity=Control+A&is_video_cmp=false&acid=41d25228dd4c4da7ab8a5c7618841d24&rtime=4.0&wsip=mowx-f9dd579fd-f9pfh&ltime=10.0&act=headerBid&abs=0%7C0%7Cxtmax%3D142%7Cbrr%3D1&adtypes=0&impId=6025816563236839368&reftime=15000&reftype=0&keywordSellerId=false&dsid=28085764&insl=0&gpid=%2F93644%2Fcasho.la%2Fdesktop%2F26323&mowxReqId=41d25228dd4c4da7ab8a5c7618841d24_1&ecp=0.3&renderer=0&ifst=0&iframingState=0&ifdp=0&slotVisibility=0&adpos=0&media=0&native_asset=0&req_mtype%3C%3E=0&ctr=-1.0&rfc=-1&skadidfl=0&dfpDiv=28085764&supplyTagId=28085764&mnrfc=-1&v_plcmt_override=0&v_placement_override=0&viewability_vendor=EXCHANGE&vcmplrt=-1.0&imp_tid_present=false&actltime=11&debug_ts=2023-08-07+18%3A12%3A09&__expireat=1691432530081&mview=1&rme=adm&bdata=~bx_len%3D1158~bhp%3D0~bid%3D0.010~bx_asn%3D201011~bx_exp%3D0~bx_ginsu%3D0~bx_intmd%3D0~bx_rh%3D47DEQpj8HB~bx_rpc%3D0000001~bx_size%3D300x250~bx_tmax%3D100~bx_tml_suffix%3D%2F~city%3DUNDENHEIM~ck_fl%3D0~dc%3Dgcp-eu-west1-b~dmm_d1%3D0~dmm_d10%3D0~dmm_d12%3D1~dmm_d14%3D0~dmm_d15%3D1~dmm_d16%3D3~dmm_d17%3D0~dmm_d18%3D5~dmm_d2%3DT~dmm_d21%3D-1~dmm_d22%3D0.02~dmm_d24%3D5~dmm_d25%3Ddef_def~dmm_d28%3D5~dmm_d29%3D0.00~dmm_d3%3D0~dmm_d30%3D0~dmm_d32%3D0~dmm_d33%3D0~dmm_d36%3DNA~dmm_d37%3DT~dmm_d4%3D10~dmm_d40%3D0~dmm_d42%3D0~dmm_d43%3D0~dmm_d44%3Dprod~dmm_d45%3D0~dmm_d46%3DR~dmm_d51%3D0~dmm_d52%3D0.00~dmm_d56%3D0~dmm_d7%3D0~dmm_d8%3D0~dmm_l%3D0.027~dmm_m1%3D0.049~dmm_m10%3D1.000~dmm_m11%3D1.000~dmm_m12%3D0.603~dmm_m13%3D1.000~dmm_m14%3D1.000~dmm_m15%3D1.001~dmm_m16%3D0.180~dmm_m2%3D0.045~dmm_m21%3D1.000~dmm_m23%3D1.000~dmm_m24%3D1.000~dmm_m25%3D1.000~dmm_m29%3D1.000~dmm_m3%3D1.000~dmm_m30%3D1.000~dmm_m34%3D1.000~dmm_m39%3D17.000~dmm_m40%3D17.000~dmm_m5%3D1.000~dmm_m52%3D0.071~dmm_m53%3D1.000~dmm_m54%3D5.000~dmm_m55%3D1.000~dmm_m57%3D1.000~dmm_m6%3D1.000~dmm_m7%3D0.603~dmm_m9%3D1.000~dmm_r%3D0.180~e_rpm%3D0.049~erpm%3D0.049~hc%3D0%20%2B%200~iha%3D0~itype%3DAPPNEXUS_EXPERIMENT~mgi%3D28085764~r_cc%3DDE~r_ip%3D80.255.7.0~r_sc%3DRP~rbo%3D5_3~ref_cnt%3D0~seller_tag_id%3D%2F93644%2Fcasho.la%2Fdesktop%2F26323~std%3D%2F93644%2Fcasho.la%2Fdesktop%2F26323~vbr%3D0~visibility%3D0~cbdp%3D0.006%7Eitype_id%3D21%7Eseller_tag_id%3D%2F93644%2Fcasho.la%2Fdesktop%2F26323%7Esupply_tag_id%3D28085764%7Eviewability%3D0.070579%7Epos%3D0%7EcarrierId%3D0%7Eogbid%3D0.010%7Ebflr%3D0.000%7Edtc%3Deu_be%7Edmm_erpm%3Dfalse%7Edmm%3Dharmony%7Ebdpcapd%3D0%7Edalg%3Dunison12%7Einsl%3D0%7Esobp%3D%7Ehtml%3D1%7Edcut%3D45%7Edogb%3D0-1~ibc%3D1~&utime=1341&sf=0&cpr=0.35277416173491516
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.212.88.20 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-212-88-20.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
Security Headers
Name Value
Strict-Transport-Security max-age=86400 ; includeSubDomains

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:11 GMT
strict-transport-security
max-age=86400 ; includeSubDomains
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
35
expires
Mon, 07 Aug 2023 18:12:11 GMT
async_usersync.html
acdn.adnxs.com/dmp/ Frame DF68 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html?gdpr=0&seller_id=9027&pub_id=2235603
Requested by
Host: www.casho.la
URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.160.186 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-160-186.deploy.static.akamaitechnologies.com
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Mon, 07 Aug 2023 18:12:11 GMT
ETag
"623de86a-cf34"
Expires
Tue, 08 Aug 2023 18:12:13 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
rd_log
ams3-ib.adnxs.com/ Frame 0215 		0
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/rd_log?an_audit=0&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&e=wqT_3QLLBPBMSwIAAAMA1gAFAQj558SmBhDIv5arz4eA0FMYneLapJ_Tr8NPKjYJ-n5qvHSTeD8RSkIibeNPdD8ZAAAAQDMz0z8hSkIibeNPdD8p-n4JJAAxARvI4XqEPzCEnLINOMNGQOpcSOADUJi9zNYBWKScowFgAGip_sYBeO7xBYABAYoBA1VTRJIBAQb0SAGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCueED4ALWl1zqAlVodHRwczovL3d3dy5jYXNoby5sYS9qb2UtYmlkZW4taGludHMtYS1wb3RlbnRpYWwtdGF4LWhpa2Utb24tb2lsLWNvbXBhbmllcy12ZXJ5LXNvb24vgAMAiAMBkAMAmAMXoAMBqgMAwAPYBMgDANgDqorQAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDSoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJi9zNYBiAUBmAUAoAWQ2tnd0dqesEHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAkxJNAGsPEB2gYWChABEC4BAHAQABgA4AYB8gYCCACABwGIBwCgBwHIB-7xBdIHDRVlASYM2gcGCAUJfOAHAOoHAggA8AeJygKKCAIQAJUIAACAP5gIAcAIueED&s=17dd056c26dc9a6053512d1f5013e9eee1449e42&bdref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&bdtop=true&bdifs=1&bstk=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F,https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:11 GMT
an-x-request-uuid
25673442-afdd-4139-9e2d-5d345a61731b
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 0215 		0
659 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&e=wqT_3QKNBfBMjQIAAAMA1gAFAQj558SmBhDIv5arz4eA0FMYneLapJ_Tr8NPKjYJ-n5qvHSTeD8RSkIibeNPdD8ZAAAAQDMz0z8hSkIibeNPdD8p-n4JJAAxARvI4XqEPzCEnLINOMNGQOpcSOADUJi9zNYBWKScowFgAGip_sYBeO7xBYABAYoBA1VTRJIBAQb0_QGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCueED4ALWl1zqAlVodHRwczovL3d3dy5jYXNoby5sYS9qb2UtYmlkZW4taGludHMtYS1wb3RlbnRpYWwtdGF4LWhpa2Utb24tb2lsLWNvbXBhbmllcy12ZXJ5LXNvb24vgAMAiAMBkAMAmAMXoAMBqgNCEhg0NzEwOTAwMjY1OTQxMTAxODQwX3NiaWQaEzYwMjU4MTY1NjMyMzY4MzkzNjgiCTQ1MDA0MzU0NCoGTTExODgywAPYBMgDANgDqorQAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDSoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJi9zNYBiAUBmAUAoAWQ2tnd0dqesEHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGsPEB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfu8QXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4nKAooIAhAAlQgAAIA_mAgBwAi54QM.&s=1bf096669bb9393c812fe190675bce416fddb383&type=nv&nvt=5&jm=1003&px=1100&py=630&bw=300&bh=250&sid=2969307611908095445&vd=ct~0|rr~0&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28085764&sw=1600&sh=1200&pw=1600&ph=4566&ww=1600&wh=1200&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:11 GMT
an-x-request-uuid
950c4dee-a8bc-4304-9e3d-c77a70b22f22
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
truncated
/ Frame A885 		107 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame A885 		2 KB
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Content-Type
image/png
OpenSans_Semibold.woff
contextual.media.net/__media__/fonts/OpenSans_Semibold/ Frame A885 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/__media__/fonts/OpenSans_Semibold/OpenSans_Semibold.woff
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=n*%7C3%7CnH9A*&VF=9OE96H9EH9gOOgHH9Oc&ftMe=9&CdML=A&qdSQ=x(9c&SFt=ciB6(KA*O&SMSt=BuGfq11I51KIt_gaqUuvp2%3D%3D&SeFt=(H4HO696g&dFTQ=HAA0(4A&SS=K~&dS=Wb&Sa.C=)Z_n-ub&MFt=cX-Z*5-Hn&qMFt=vOZH4(4&aqqMd=9&eee=FWMw_8O)HEAt8HKQ)e.CJr4J.HqV4Vr4JUAdgLv8AyD22xcwOFeUDp)99mXi5ImHOT3exUu0e4IaWXWV4YH(ekUHW*fdCFA9ERDD7i)R*Sb%3D&s8eR=aqqMd%3A%2F%2F888PfrrfGQPSrC&Qs8eR=8gg~2%3AJJWWWPhCChIkPuCb&.dQ=4&G8=9&7ft=6&Ltq9=ciBO(2UH9&Ltq(=g44gA96H(&1tLqL=z103GQ.%3D994cz1aM%3DAz1Ft%3DAPA9Az103Ld.%3D(A9A99z103Q0M%3DAz103fF.d7%3DAz103F.qCt%3DAz103ea%3D6gK~2MIc)Wz103eMS%3DAAAAAA9z103dFTQ%3DHAA0(4Az103qCL0%3D9AAz103qCG3d7RRF0%3D%2FzSFqh%3DBuK~u)~ynzSs3RG%3DAztS%3DfSMDQ7D8Qdq9D1ztCC3t9%3DAztCC3t9A%3DAztCC3t9(%3D9ztCC3t96%3DAztCC3t94%3D9ztCC3t9O%3DHztCC3t9g%3DAztCC3t9c%3D4ztCC3t(%3DvztCC3t(9%3DD9ztCC3t((%3DAPA(ztCC3t(6%3D4ztCC3t(4%3DtQR3tQRztCC3t(c%3D4ztCC3t(E%3DAPAAztCC3tH%3DAztCC3tHA%3DAztCC3tH(%3DAztCC3tHH%3DAztCC3tHO%3DuZztCC3tHg%3DvztCC3t6%3D9AztCC3t6A%3DAztCC3t6(%3DAztCC3t6H%3DAztCC3t66%3DMertztCC3t64%3DAztCC3t6O%3D_ztCC3t49%3DAztCC3t4(%3DAPAAztCC3t4O%3DAztCC3tg%3DAztCC3tc%3DAztCC3G%3DAPA(gztCC3C9%3DAPA6EztCC3C9A%3D9PAAAztCC3C99%3D9PAAAztCC3C9(%3DAPOAHztCC3C9H%3D9PAAAztCC3C96%3D9PAAAztCC3C94%3D9PAA9ztCC3C9O%3DAP9cAztCC3C(%3DAPA64ztCC3C(9%3D9PAAAztCC3C(H%3D9PAAAztCC3C(6%3D9PAAAztCC3C(4%3D9PAAAztCC3C(E%3D9PAAAztCC3CH%3D9PAAAztCC3CHA%3D9PAAAztCC3CH6%3D9PAAAztCC3CHE%3D9gPAAAztCC3C6A%3D9gPAAAztCC3C4%3D9PAAAztCC3C4(%3DAPAg9ztCC3C4H%3D9PAAAztCC3C46%3D4PAAAztCC3C44%3D9PAAAztCC3C4g%3D9PAAAztCC3CO%3D9PAAAztCC3Cg%3DAPOAHztCC3CE%3D9PAAAztCC3e%3DAP9cAzQ3eMC%3DAPA6EzQeMC%3DAPA6EzaS%3DA%20%2B%20AzFaL%3DAzFqhMQ%3DZXXu~mBJ3~mX~_yn~uvzCfF%3D(cAc4gO6ze3SS%3DK~ze3FM%3DcAP(44PgPAze3dS%3D_Xze1r%3D43HzeQR3S.q%3DAzdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzdqt%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(HzV1e%3DAzVFdF1FGFqh%3DAzS1tM%3DAPAAOzFqhMQ3Ft%3D(9zdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzd7MMGh3qLf3Ft%3D(cAc4gO6zVFQ8L1FGFqh%3DAPAgA4gEzMrd%3DAzSLeeFQeyt%3DAzrf1Ft%3DAPA9Az1RGe%3DAPAAAztqS%3DQ731QztCC3QeMC%3DRLGdQztCC%3DaLeCr.hz1tMSLMt%3DAztLGf%3D7.Fdr.9(zF.dG%3DAzdr1M%3DzaqCG%3D9ztS7q%3D64ztrf1%3DAD9zF1S%3D9z&.qV=A&1teyt=6O(&CSR=6AgOc&htdMe=9&sLqMeQ=9&sLq1Ft=D9AH&SLtrCLF.=qT_DaxSGDxcUq-x6kjrFiUacqSHZMT7HMYcFMAQ6XT~%3D&hMGM=9&FdFt=H&LtV=*Q.QeLG%20JQLeSa&MfFt=M9(AA(A(E69cq(A(HAcAg9c9(&ddGt=%7B%22ddFM%22%3A%22cAP(44PgPA%22%2C%22ddSS%22%3A%22K~%22%2C%22dddS%22%3A%22_X%22%2C%22ddSqh%22%3A%22B.tQ.aQFC%22%7D&aqCGdeS=9&qSR3SCM=9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.30.24.22 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Referer
https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=n*%7C3%7CnH9A*&VF=9OE96H9EH9gOOgHH9Oc&ftMe=9&CdML=A&qdSQ=x(9c&SFt=ciB6(KA*O&SMSt=BuGfq11I51KIt_gaqUuvp2%3D%3D&SeFt=(H4HO696g&dFTQ=HAA0(4A&SS=K~&dS=Wb&Sa.C=)Z_n-ub&MFt=cX-Z*5-Hn&qMFt=vOZH4(4&aqqMd=9&eee=FWMw_8O)HEAt8HKQ)e.CJr4J.HqV4Vr4JUAdgLv8AyD22xcwOFeUDp)99mXi5ImHOT3exUu0e4IaWXWV4YH(ekUHW*fdCFA9ERDD7i)R*Sb%3D&s8eR=aqqMd%3A%2F%2F888PfrrfGQPSrC&Qs8eR=8gg~2%3AJJWWWPhCChIkPuCb&.dQ=4&G8=9&7ft=6&Ltq9=ciBO(2UH9&Ltq(=g44gA96H(&1tLqL=z103GQ.%3D994cz1aM%3DAz1Ft%3DAPA9Az103Ld.%3D(A9A99z103Q0M%3DAz103fF.d7%3DAz103F.qCt%3DAz103ea%3D6gK~2MIc)Wz103eMS%3DAAAAAA9z103dFTQ%3DHAA0(4Az103qCL0%3D9AAz103qCG3d7RRF0%3D%2FzSFqh%3DBuK~u)~ynzSs3RG%3DAztS%3DfSMDQ7D8Qdq9D1ztCC3t9%3DAztCC3t9A%3DAztCC3t9(%3D9ztCC3t96%3DAztCC3t94%3D9ztCC3t9O%3DHztCC3t9g%3DAztCC3t9c%3D4ztCC3t(%3DvztCC3t(9%3DD9ztCC3t((%3DAPA(ztCC3t(6%3D4ztCC3t(4%3DtQR3tQRztCC3t(c%3D4ztCC3t(E%3DAPAAztCC3tH%3DAztCC3tHA%3DAztCC3tH(%3DAztCC3tHH%3DAztCC3tHO%3DuZztCC3tHg%3DvztCC3t6%3D9AztCC3t6A%3DAztCC3t6(%3DAztCC3t6H%3DAztCC3t66%3DMertztCC3t64%3DAztCC3t6O%3D_ztCC3t49%3DAztCC3t4(%3DAPAAztCC3t4O%3DAztCC3tg%3DAztCC3tc%3DAztCC3G%3DAPA(gztCC3C9%3DAPA6EztCC3C9A%3D9PAAAztCC3C99%3D9PAAAztCC3C9(%3DAPOAHztCC3C9H%3D9PAAAztCC3C96%3D9PAAAztCC3C94%3D9PAA9ztCC3C9O%3DAP9cAztCC3C(%3DAPA64ztCC3C(9%3D9PAAAztCC3C(H%3D9PAAAztCC3C(6%3D9PAAAztCC3C(4%3D9PAAAztCC3C(E%3D9PAAAztCC3CH%3D9PAAAztCC3CHA%3D9PAAAztCC3CH6%3D9PAAAztCC3CHE%3D9gPAAAztCC3C6A%3D9gPAAAztCC3C4%3D9PAAAztCC3C4(%3DAPAg9ztCC3C4H%3D9PAAAztCC3C46%3D4PAAAztCC3C44%3D9PAAAztCC3C4g%3D9PAAAztCC3CO%3D9PAAAztCC3Cg%3DAPOAHztCC3CE%3D9PAAAztCC3e%3DAP9cAzQ3eMC%3DAPA6EzQeMC%3DAPA6EzaS%3DA%20%2B%20AzFaL%3DAzFqhMQ%3DZXXu~mBJ3~mX~_yn~uvzCfF%3D(cAc4gO6ze3SS%3DK~ze3FM%3DcAP(44PgPAze3dS%3D_Xze1r%3D43HzeQR3S.q%3DAzdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzdqt%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(HzV1e%3DAzVFdF1FGFqh%3DAzS1tM%3DAPAAOzFqhMQ3Ft%3D(9zdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzd7MMGh3qLf3Ft%3D(cAc4gO6zVFQ8L1FGFqh%3DAPAgA4gEzMrd%3DAzSLeeFQeyt%3DAzrf1Ft%3DAPA9Az1RGe%3DAPAAAztqS%3DQ731QztCC3QeMC%3DRLGdQztCC%3DaLeCr.hz1tMSLMt%3DAztLGf%3D7.Fdr.9(zF.dG%3DAzdr1M%3DzaqCG%3D9ztS7q%3D64ztrf1%3DAD9zF1S%3D9z&.qV=A&1teyt=6O(&CSR=6AgOc&htdMe=9&sLqMeQ=9&sLq1Ft=D9AH&SLtrCLF.=qT_DaxSGDxcUq-x6kjrFiUacqSHZMT7HMYcFMAQ6XT~%3D&hMGM=9&FdFt=H&LtV=*Q.QeLG%20JQLeSa&MfFt=M9(AA(A(E69cq(A(HAcAg9c9(&ddGt=%7B%22ddFM%22%3A%22cAP(44PgPA%22%2C%22ddSS%22%3A%22K~%22%2C%22dddS%22%3A%22_X%22%2C%22ddSqh%22%3A%22B.tQ.aQFC%22%7D&aqCGdeS=9&qSR3SCM=9
Origin
https://contextual.media.net
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:11 GMT
strict-transport-security
max-age=31536000
last-modified
Mon, 16 May 2016 10:39:41 GMT
server
Apache
content-type
font/woff
access-control-allow-origin
*
cache-control
max-age=86400
accept-ranges
bytes
content-length
21704
expires
Tue, 08 Aug 2023 18:12:11 GMT
12o46q643rns6rr808p0q9n746535qnr-00003.ts
d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/ 		1 MB
1 MB 		XHR
General
Check archive.org
Download Go to
Full URL
https://d29xw9s9x32j3w.cloudfront.net/videos/m3u8/1000k/12o46q643rns6rr808p0q9n746535qnr-00003.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.97.62 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-97-62.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
via
1.1 666eddda46892ed48d8d771b6142ac24.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-P2
x-amz-server-side-encryption
AES256
x-cache
Miss from cloudfront
x-amz-storage-class
REDUCED_REDUNDANCY
content-disposition
attachment
content-length
1408496
last-modified
Mon, 07 Aug 2023 16:45:09 GMT
server
AmazonS3
etag
"b193e1a4d72a23fa4bdc563bca67dff5"
vary
Origin
access-control-allow-methods
GET, HEAD, POST
content-type
video/mp2t
access-control-allow-origin
*
access-control-expose-headers
Access-Control-Allow-Origin, Access-Control-Allow-Credentials
cache-control
max-age=86400
accept-ranges
bytes
x-amz-cf-id
a9KDF_zkWwDICBWC22lN7SI1YeZShAwE4QKAhE1L8uL6MnsWzv551w==
ads
pagead2.googlesyndication.com/gampad/ Frame 722D 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F22082859479%2C22821854111%2Fcasho_la_gpt2_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1464505489357817&adsafe=medium&hl=en&vpos=preroll&ad_type=audio_video&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&cust_params=max_ad_duration%3D900&vpa=auto&vpmute=0&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4222459873&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=11071&dt=1691431931801&scor=1559280096677347&ged=ve4_td25_tt21_pd25_la25000_er0.0.0.0_vi0.0.1200.1600_vp0_ts2_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:11 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
bql.php
lg3.media.net/ Frame A885 		15 B
160 B 		Script
General
Check archive.org
Download Go to
Full URL
https://lg3.media.net/bql.php?vgd_len=5992&&vgd_canary=0&vgd_l2type=scs_newfl&fp=4QS0SOV6-K1a2xA57zh-43FEcs53zZVG41vnG8U0IUUE8wHs5yDarLpk8krJ0XXFmB_Hs3Qx1Wsl5mSfR1njiVHcKB5UufR54kcB4LYYyrDTulH54GxB97bPELkMjWqM&cme=woUXVUCoSbXdazKUVMPQXymNUEECZCRdrgRCEtDNQjUol09W-PRXDC2IEOFqxOKZwtTcTWlNJ6O8vx9A0biOxUQQUS-c2uIxhdsreBsUPD8s-mSKnY3d7MKPZq9HVHWbGoCsJqXL-qp_5RBmjAZGF7orCgJ-6g9rid9c01mjx4TnbAuQ6FjFlWZnst9b3VRLSD0YavjNloBJuX7L22v-Ba08p6HOBtQzR5PYtzmghCU%3D%7C%7CMAIsJEAI5JuWG1uYkUPMEL_6XvH7VSb4jxeRoZ6QBkI6Z9Xjs5UcgFdxRreCj6n8j-LpwQtNcu5W_fN12KSarkH3Zz8cql18ZWfqXSLC6aE%3D%7Cxrl5Md8q4-__TO4Pmbv58DH9RwfbeYpI2TSWu6RLpkE%3D%7CEknZICPSHYazL-b8a2jAreGSusI4AH7cOMlmpCgmK5nJUODy9yiodafelM0byPLCHBGq1BVKCwNJn3xJ2OnElSY3vecWn-cANpjO00nGFkBdgyP7-gQQOqgAGDAmVhXizfwclJQZ3hnI4x0Yt9luJT_V-ne6jv2YgOq08WBMDNAepSM0wdQxCQO1d7-T6U3btJFd-wBVQMcWzePneBCaM0PK4dy-YUb5yvIGq7e_oJ1a64WSana3CKbJzaF6HOnQdyMXoLYfBY4iVBRkh7Xe6Qtmw_1SRJbb%7Cu8A6SM53vAcFC3dEDkM7xzP493VwZapz%7CR0pGwT-1wLeYLkAoM4jmffREH0dcmsnT%7CdsA6EMpZ47R6ljdz__nQtthZoUpm2bb5%7C&subBdr=99&bdrid=462&ksu=266&fdkt=391&vgde_kbbh=ffoyxQJuO&kwd[]=%E2%80%8ESchnell+abnehmen+am+Bauch&kwt[]=391&kbc[]=1262271066&kwp[]=1&kid[]=350738837&kbc2[]=pmb%3D1%7Cbkt%3D391%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0645%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0002%7C8%3D080708%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0539%7C14%3D080711%7C15%3D0%7Cr%3D1%7Cps%3D0.377&ktd[]=4503874522251520&kwd[]=Private+Krankenversicherung+vergleichen&kwt[]=391&kbc[]=1262271066&kwp[]=2&kid[]=23182544&kbc2[]=pmb%3D1%7Cbkt%3D391%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0167%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0001%7C8%3D080708%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.1379%7C14%3D080711%7C15%3D0%7Cr%3D2%7Cps%3D0.377&ktd[]=274894881024&kwd[]=G%C3%BCnstige+Druckerpatronen+auf+Rechnung&kwt[]=391&kbc[]=1262271066&kwp[]=3&kid[]=350738834&kbc2[]=pmb%3D1%7Cbkt%3D391%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0167%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0001%7C8%3D080708%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0433%7C14%3D080711%7C15%3D0%7Cr%3D3%7Cps%3D0.377&ktd[]=4503874522251520&kwd[]=Ausgefallene+M%C3%A4nnergeschenke&kwt[]=391&kbc[]=1262271066&kwp[]=4&kid[]=350738829&kbc2[]=pmb%3D1%7Cbkt%3D391%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0343%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0001%7C8%3D080708%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0424%7C14%3D080711%7C15%3D0%7Cr%3D4%7Cps%3D0.377&ktd[]=4503874522251520&kwd[]=Die+besten+Vitamin-D-Pr%C3%A4parate+im+Test&kwt[]=391&kbc[]=1262271066&kwp[]=5&kid[]=350728421&kbc2[]=pmb%3D1%7Cbkt%3D391%7C5%3D-1%7C6%3D-1%7C16%3D-1%7C23%3D0.0173%7C24%3D0%7C25%3D0%7C22%3D0.0001%7C7%3D0.0001%7C8%3D080708%7C9%3D0%7C11%3D0%7C26%3D0%7C27%3D0%7C13%3D0.0378%7C14%3D080711%7C15%3D0%7Cr%3D5%7Cps%3D0.377&ktd[]=274894881024&v=1&gdpr=1&geo=52.52%7C13.41&dlper=20&lper=100&lpid=&tsid=1&hint=&cc=DE&wsip=170774850&bca=0&ugd=4&vgde_setid=Nff&ssld=%7B%22QQNN%22%3A%22r4%22%2C%22QQN75%22%3A%22PzOJzwJ8Y%22%2C%22QQ8E%22%3A%22W9.fXX.h.9%22%2C%22QQQN%22%3A%22D0%22%7D&cid=8CU42D0G6&vi=1691431931766733168&vsid=DefVid&tdAdd[]=asnum%3D201011&vgde_test_data_struct=%7B%22EO7E8O%22%3Au%7D&vgd_adprefflag=01&vgd_fm_lang=DE&vgd_implt=3&vgd_cage=3&vgd_tsce=L218-S218&vgd_l3_sc=BY&vgd_chost=contextual.media.net&vgd_sslb=1111&vgd_hb_audit_1=8CU62QK31&vgd_hb_audit_2=755701432&vgd_refdomain=google.com&vgd_katbid=-103&vgd_pdtid=1&vgd_nrrv=60221&vgd_nrrmf=3000c84a&vgd_nrrsf=scrr&vgd_cty=berlin&vgd_ifrmode=13&sttm=1691431931104&upk=1691431931.9357&hvsid=00001691431931104013588907526363&verid=3111299&sbdrId=99&tsrc=entity&vgd_mspa=0&vgd_l1rakh=1691431930153105195&vgd_ecrid=450043544&vgd_pa=tcf&vgd_mspad=a&vgd_isiolc=1&kbbq=%26asn%3D201011&vgde_ydsp=%7B%227JQ7VO4z7875%22%3A%22ufu%22%2C%22GxNUJ7VO4z7875%22%3A%22Huu%22%2C%22GxNUJ7I1YJ4z7875%22%3A%22%3Dmz7LmjnK%22%7D&vgd_mcf=40768&vgd_vstrid=DefVid&vgde_bdata=~G-MjJzvuuXW~GwEv9~G8Ov9.9u9~G-M1Qzvf9u9uu~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vPIr4Iq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9f~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9fh~OYYMYuv9.9Hi~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.F9A~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.99u~OYYMYuFv9.uW9~OYYMYfv9.9HX~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAivuh.999~OYYMYH9vuh.999~OYYMYXvu.999~OYYMYXfv9.9hu~OYYMYXAvu.999~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.F9A~OYYMYivu.999~OYYMLv9.uW9~JMLEYv9.9Hi~JLEYv9.9Hi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPbM4t04DVc4I_~Yy8vfW9WXhFH~LMNNvr4~LM8EvW9.fXX.h.9~LMQNvD0~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~Q7OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~eGLv9~e8Q8G8j875v9~NGOEv9.99F~875EJM8Ovfu~QJjjJLM71yM8OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~QxEEj5M71yM8OvfW9WXhFH~e8JB1G8j875v9.9h9Xhi~EmQv9~N1LL8JLVOv9~myG8Ov9.9u9~GkjLv9.999~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~8zQjv9~QmGEv~w7Yjvu~ONx7vHX~OmyGv9ou~8GNvu~&vgd_cfud=230301&vgd_scsver=161&vgd_optout=0&vgd_ydspr=1&vgd_l2shld=1&vgd_rensize=300_250&vgd_scr_h=1200&vgd_scr_w=1600&vgd_ect=4g&vgd_l1rpth=%2Fnmedianet.js&vgd_lbt=1000&vgd_mbr=1&vgd_pgids=1&tdAdd[]=uiparams%3D%3Brend_w%3A340%3Brend_h%3A250&vgd_uspa=0&vgd_sc=BY&vgd_l1rhst=contextual.media.net&hvsid=00001691431931104013588907526363&rc=0&rand=1691431931740&acid=41d25228dd4c4da7ab8a5c7618841d24&matm=1691431931741&vgd_ltimesrc=1&vgd_ltime=752&vgd_rtime=666&vgd_etm=11&vgd_l1hcsd=Svx5n%7C5181&vgd_tcf_cmp=1&vgd_l1ch=1&vgd_lhl=1250&vgd_pgid=p12002029418t202308071812&vgd_csip=rtb-common-7bcbc7f598-xzrnm.BE&vgd_sbSup=0&vgd_nrrs=60221&vgd_cdv=1042&vgd_cntrdt=SL%7CDIV-sas_26323%7CDIV-93644-3&vgd_crefurl=https%3A%2F%2Fwww.google.com%2F&vgd_eadm=1&vgd_end=1
Requested by
Host: contextual.media.net
URL: https://contextual.media.net/sr/2722522032/SAFEFRAME.html?&kkdd=n*%7C3%7CnH9A*&VF=9OE96H9EH9gOOgHH9Oc&ftMe=9&CdML=A&qdSQ=x(9c&SFt=ciB6(KA*O&SMSt=BuGfq11I51KIt_gaqUuvp2%3D%3D&SeFt=(H4HO696g&dFTQ=HAA0(4A&SS=K~&dS=Wb&Sa.C=)Z_n-ub&MFt=cX-Z*5-Hn&qMFt=vOZH4(4&aqqMd=9&eee=FWMw_8O)HEAt8HKQ)e.CJr4J.HqV4Vr4JUAdgLv8AyD22xcwOFeUDp)99mXi5ImHOT3exUu0e4IaWXWV4YH(ekUHW*fdCFA9ERDD7i)R*Sb%3D&s8eR=aqqMd%3A%2F%2F888PfrrfGQPSrC&Qs8eR=8gg~2%3AJJWWWPhCChIkPuCb&.dQ=4&G8=9&7ft=6&Ltq9=ciBO(2UH9&Ltq(=g44gA96H(&1tLqL=z103GQ.%3D994cz1aM%3DAz1Ft%3DAPA9Az103Ld.%3D(A9A99z103Q0M%3DAz103fF.d7%3DAz103F.qCt%3DAz103ea%3D6gK~2MIc)Wz103eMS%3DAAAAAA9z103dFTQ%3DHAA0(4Az103qCL0%3D9AAz103qCG3d7RRF0%3D%2FzSFqh%3DBuK~u)~ynzSs3RG%3DAztS%3DfSMDQ7D8Qdq9D1ztCC3t9%3DAztCC3t9A%3DAztCC3t9(%3D9ztCC3t96%3DAztCC3t94%3D9ztCC3t9O%3DHztCC3t9g%3DAztCC3t9c%3D4ztCC3t(%3DvztCC3t(9%3DD9ztCC3t((%3DAPA(ztCC3t(6%3D4ztCC3t(4%3DtQR3tQRztCC3t(c%3D4ztCC3t(E%3DAPAAztCC3tH%3DAztCC3tHA%3DAztCC3tH(%3DAztCC3tHH%3DAztCC3tHO%3DuZztCC3tHg%3DvztCC3t6%3D9AztCC3t6A%3DAztCC3t6(%3DAztCC3t6H%3DAztCC3t66%3DMertztCC3t64%3DAztCC3t6O%3D_ztCC3t49%3DAztCC3t4(%3DAPAAztCC3t4O%3DAztCC3tg%3DAztCC3tc%3DAztCC3G%3DAPA(gztCC3C9%3DAPA6EztCC3C9A%3D9PAAAztCC3C99%3D9PAAAztCC3C9(%3DAPOAHztCC3C9H%3D9PAAAztCC3C96%3D9PAAAztCC3C94%3D9PAA9ztCC3C9O%3DAP9cAztCC3C(%3DAPA64ztCC3C(9%3D9PAAAztCC3C(H%3D9PAAAztCC3C(6%3D9PAAAztCC3C(4%3D9PAAAztCC3C(E%3D9PAAAztCC3CH%3D9PAAAztCC3CHA%3D9PAAAztCC3CH6%3D9PAAAztCC3CHE%3D9gPAAAztCC3C6A%3D9gPAAAztCC3C4%3D9PAAAztCC3C4(%3DAPAg9ztCC3C4H%3D9PAAAztCC3C46%3D4PAAAztCC3C44%3D9PAAAztCC3C4g%3D9PAAAztCC3CO%3D9PAAAztCC3Cg%3DAPOAHztCC3CE%3D9PAAAztCC3e%3DAP9cAzQ3eMC%3DAPA6EzQeMC%3DAPA6EzaS%3DA%20%2B%20AzFaL%3DAzFqhMQ%3DZXXu~mBJ3~mX~_yn~uvzCfF%3D(cAc4gO6ze3SS%3DK~ze3FM%3DcAP(44PgPAze3dS%3D_Xze1r%3D43HzeQR3S.q%3DAzdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzdqt%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(HzV1e%3DAzVFdF1FGFqh%3DAzS1tM%3DAPAAOzFqhMQ3Ft%3D(9zdQGGQe3qLf3Ft%3D%2FEHO66%2FSLdarPGL%2FtQdsqrM%2F(OH(Hzd7MMGh3qLf3Ft%3D(cAc4gO6zVFQ8L1FGFqh%3DAPAgA4gEzMrd%3DAzSLeeFQeyt%3DAzrf1Ft%3DAPA9Az1RGe%3DAPAAAztqS%3DQ731QztCC3QeMC%3DRLGdQztCC%3DaLeCr.hz1tMSLMt%3DAztLGf%3D7.Fdr.9(zF.dG%3DAzdr1M%3DzaqCG%3D9ztS7q%3D64ztrf1%3DAD9zF1S%3D9z&.qV=A&1teyt=6O(&CSR=6AgOc&htdMe=9&sLqMeQ=9&sLq1Ft=D9AH&SLtrCLF.=qT_DaxSGDxcUq-x6kjrFiUacqSHZMT7HMYcFMAQ6XT~%3D&hMGM=9&FdFt=H&LtV=*Q.QeLG%20JQLeSa&MfFt=M9(AA(A(E69cq(A(HAcAg9c9(&ddGt=%7B%22ddFM%22%3A%22cAP(44PgPA%22%2C%22ddSS%22%3A%22K~%22%2C%22dddS%22%3A%22_X%22%2C%22ddSqh%22%3A%22B.tQ.aQFC%22%7D&aqCGdeS=9&qSR3SCM=9
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.122.24.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://contextual.media.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Mon, 07 Aug 2023 18:12:11 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Mon, 07 Aug 2023 18:12:11 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 6426 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Fcasho.la_3.1&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1464505489357817&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=397360844&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.casho.la%2Fce0a57bf-bafc-4479-a732-f0928b6b08e5&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=6924&dt=1691431932229&scor=3111754469254971&ged=ve4_td25_tt21_pd25_la25000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
ads
pagead2.googlesyndication.com/gampad/ Frame 6426 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F213794966%2C22687808135%2Fglobalsun%2Fcasho.la_2.1&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tfcd=0&npa=0&sz=1x1%7C300x250%7C400x300%7C640x360&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=vp&correlator=1464505489357817&vpmute=0&mpt=videojs-ima&vpa=auto&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=397360844&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&media_url=blob%3Ahttps%253a%2F%2Fwww.casho.la%2Fce0a57bf-bafc-4479-a732-f0928b6b08e5&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=6924&dt=1691431932293&scor=3111754469254971&ged=ve4_td25_tt21_pd25_la25000_er0.0.0.0_vi0.0.1200.1600_vp0_ts0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:12 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
vevent
ams3-ib.adnxs.com/ Frame 0215 		0
660 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://ams3-ib.adnxs.com/vevent?an_audit=0&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&e=wqT_3QKNBfBMjQIAAAMA1gAFAQj558SmBhDIv5arz4eA0FMYneLapJ_Tr8NPKjYJ-n5qvHSTeD8RSkIibeNPdD8ZAAAAQDMz0z8hSkIibeNPdD8p-n4JJAAxARvI4XqEPzCEnLINOMNGQOpcSOADUJi9zNYBWKScowFgAGip_sYBeO7xBYABAYoBA1VTRJIBAQb0_QGYAawCoAH6AagBAbABALgBAcABBcgBAtABANgBAOABAPABANgCueED4ALWl1zqAlVodHRwczovL3d3dy5jYXNoby5sYS9qb2UtYmlkZW4taGludHMtYS1wb3RlbnRpYWwtdGF4LWhpa2Utb24tb2lsLWNvbXBhbmllcy12ZXJ5LXNvb24vgAMAiAMBkAMAmAMXoAMBqgNCEhg0NzEwOTAwMjY1OTQxMTAxODQwX3NiaWQaEzYwMjU4MTY1NjMyMzY4MzkzNjgiCTQ1MDA0MzU0NCoGTTExODgywAPYBMgDANgDqorQAeADAOgDAPgDAYAEAJIEDS91dC92My9wcmViaWSYBACiBAw4MC4yNTUuNy4xMDSoBACyBBAIABABGKwCINgEKAAwADgCuAQAwAQAyAQA2gQCCAHgBAHwBJi9zNYBiAUBmAUAoAWQ2tnd0dqesEHABQDJBQAAAAAAAPA_0gUJCQAAAAAAAAAA2AUB4AUB8AWFm0r6BQQIABAAkAYAmAYAuAYAwQYAAAAAAADwP9AGsPEB2gYWChAAAAAAAAAAAAAAAAAAAAAAEAAYAOAGAfIGAggAgAcBiAcAoAcByAfu8QXSBw0JAAAAAAAAAAAQABgA2gcGCAAQABgA4AcA6gcCCADwB4nKAooIAhAAlQgAAIA_mAgBwAi54QM.&s=1bf096669bb9393c812fe190675bce416fddb383&type=pv&jm=1003&px=1100&py=630&bw=340&bh=250&sf=1&sid=2969307611908095445&vd=ct~0|rr~5&sv=239&tv=view7-1hs&ua=chrome52&pl=win&x=v&tag_id=28085764&ft=2
Requested by
Host: cdn.adnxs.com
URL: https://cdn.adnxs.com/v/s/239/trk.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:12 GMT
an-x-request-uuid
8475f4d6-d771-4fbc-926b-d738ddfd179e
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/player/ Frame 0CB3 		8 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.viralize.tv/player/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&_timestamp=1691431922066&sid=01ee354de8a96ec0ec105a2beb1ac0b2&experiment=ops.v&ahd=1&enable_branding=0&schain=1.0,1!viads.com,105507,1,,,&player_session=%7B%22page_id%22%3A%220189d132ef7431653af555e734d905e0%22%2C%22screen%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22page%22%3A%7B%22width%22%3A1600%2C%22height%22%3A4566%7D%2C%22viewport%22%3A%7B%22width%22%3A1600%2C%22height%22%3A1200%7D%2C%22player_size%22%3A%7B%22width%22%3A432%2C%22height%22%3A243%7D%7D&r=https%3A%2F%2Fwww.google.com%2F&pub_platform=&dd=casho.la&sc=3&gdpr=1&cs=&cmp=timeout&us_privacy=1---
Requested by
Host: monetize-static.viralize.tv
URL: https://monetize-static.viralize.tv/viralize_vpaid.min.56ff929a.js?e=ops
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:12 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding, Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
raven.min.js
cdn.ravenjs.com/3.17.0/ Frame FBCC 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ravenjs.com/3.17.0/raven.min.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a04:4e42:400::729 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Fastly /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:12 GMT
content-encoding
gzip
last-modified
Thu, 13 Jul 2017 16:58:06 GMT
server
Fastly
age
42471
etag
"51d6eff0ea5151f41fa0e2f3310fc7c7"
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
9634
polyfill.min.js
polyfill.io/v3/ Frame FBCC 		101 B
585 B 		Script
General
Check archive.org
Download Go to
Full URL
https://polyfill.io/v3/polyfill.min.js?features=default,es2015,es2016,es2017,es2018,es2019,es5,es6,es7&flags=gated
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a04:4e42:a00::282 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubdomains; preload
content-encoding
br
x-content-type-options
nosniff
date
Mon, 07 Aug 2023 18:12:12 GMT
age
1058867
detected-user-agent
Chrome/115.0.0
useragent_normaliser
chrome/115.0.0
server-timing
HIT, fastly;desc="Edge time";dur=1
alt-svc
h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length
105
referrer-policy
origin-when-cross-origin
last-modified
Mon, 24 Jul 2023 22:12:52 GMT
fastly_service_version
222
vary
User-Agent, Accept-Encoding
access-control-allow-methods
GET,HEAD,OPTIONS
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
normalized-user-agent
chrome/115.0.0
cache-control
public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800, immutable
accept-ranges
bytes
timing-allow-origin
*
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame FBCC 		345 KB
119 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
121802
x-xss-protection
0
expires
Mon, 07 Aug 2023 18:12:12 GMT
viralize_player.min.91ae55f5.js
monetize-static.viralize.tv/ Frame FBCC 		400 KB
113 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/viralize_player.min.91ae55f5.js?e=ops
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:12 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdso_U5-BQwjz594diuK1KQTerbdciH8VEcEHHNXIHrmq0wYjCtusY6YsiIEZfhUndfynuaRNg2a7oNOqH4AqjXUZg
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
115590
last-modified
Mon, 07 Aug 2023 07:43:44 GMT
server
UploadServer
etag
"91ae55f5c3aa02e4720ace777ea4b835"
vary
Accept-Encoding
x-goog-generation
1691394224820970
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=NZMkiw==, md5=ka5V9cOqAuRyCs53fqS4NQ==
cache-control
public, max-age=2592000
x-goog-stored-content-length
409561
accept-ranges
bytes
expires
Wed, 06 Sep 2023 18:12:12 GMT
bqi.php
lg3.media.net/ Frame 0215 		15 B
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://lg3.media.net/bqi.php?vgd_len=2481&lf=3&&vgd_hb_audit_1=8CU62QK31&vgd_hb_audit_2=755701432&vgd_tsce=L218&vgd_l2type=scs_newfl&vgd_ydspr=1&vgd_cdv=1043&vgd_cage=0&vgd_rensize=340_250&vgd_ren_page_h=4566&vgde_bdata=~G-MjJzvuuXW~GwEv9~G8Ov9.9u9~G-M1Qzvf9u9uu~G-MJ-Ev9~G-My8zQxv9~G-M8z7YOv9~G-MLwvHhr4gEdWqR~G-MLENv999999u~G-MQ8lJvA99-fX9~G-M7Y1-vu99~G-M7YjMQxkk8-vS~N875vPIr4Iq4Vc~NUMkjv9~ONvyNEoJxoBJQ7uoG~OYYMOuv9~OYYMOu9v9~OYYMOufvu~OYYMOuHv9~OYYMOuXvu~OYYMOuFvA~OYYMOuhv9~OYYMOuWvX~OYYMOfv_~OYYMOfuvou~OYYMOffv9.9f~OYYMOfHvX~OYYMOfXvOJkMOJk~OYYMOfWvX~OYYMOfiv9.99~OYYMOAv9~OYYMOA9v9~OYYMOAfv9~OYYMOAAv9~OYYMOAFvIK~OYYMOAhv_~OYYMOHvu9~OYYMOH9v9~OYYMOHfv9~OYYMOHAv9~OYYMOHHvELmO~OYYMOHXv9~OYYMOHFvD~OYYMOXuv9~OYYMOXfv9.99~OYYMOXFv9~OYYMOhv9~OYYMOWv9~OYYMjv9.9fh~OYYMYuv9.9Hi~OYYMYu9vu.999~OYYMYuuvu.999~OYYMYufv9.F9A~OYYMYuAvu.999~OYYMYuHvu.999~OYYMYuXvu.99u~OYYMYuFv9.uW9~OYYMYfv9.9HX~OYYMYfuvu.999~OYYMYfAvu.999~OYYMYfHvu.999~OYYMYfXvu.999~OYYMYfivu.999~OYYMYAvu.999~OYYMYA9vu.999~OYYMYAHvu.999~OYYMYAivuh.999~OYYMYH9vuh.999~OYYMYXvu.999~OYYMYXfv9.9hu~OYYMYXAvu.999~OYYMYXHvX.999~OYYMYXXvu.999~OYYMYXhvu.999~OYYMYFvu.999~OYYMYhv9.F9A~OYYMYivu.999~OYYMLv9.uW9~JMLEYv9.9Hi~JLEYv9.9Hi~wNv9n%2Bn9~8w1v9~875EJvK00I4tPbM4t04DVc4I_~Yy8vfW9WXhFH~LMNNvr4~LM8EvW9.fXX.h.9~LMQNvD0~LGmvXMA~LJkMNz7v9~QJjjJLM71yM8OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~Q7OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~eGLv9~e8Q8G8j875v9~NGOEv9.99F~875EJM8Ovfu~QJjjJLM71yM8OvSiAFHHSN1Qwm.j1SOJQU7mESfFAfA~QxEEj5M71yM8OvfW9WXhFH~e8JB1G8j875v9.9h9Xhi~EmQv9~N1LL8JLVOv9~myG8Ov9.9u9~GkjLv9.999~O7NvJxMGJ~OYYMJLEYvk1jQJ~OYYvw1LYmz5~GOEN1EOv9~O1jyvxz8Qmzuf~8zQjv9~QmGEv~w7Yjvu~ONx7vHX~OmyGv9ou~8GNvu~&vgd_lbt=1000&gdpr=1&mspa=0&prid=8PRVCXX19&cid=8CU42D0G6&crid=235364147&rrr=iBpqRw6H390dw3DeHrnmSo5Sn3tv5vo5SK0s7aTw0I-QQL8q6irK-FH11XPCWjX36z_rLKNxr5jhBPBv5V32rJK3BGgsmi019f--uCHfGcY%3D&requrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&vi=1691431931766733168&ugd=4&cc=DE&sc=BY&bdrid=462&subBdr=99&vgd_kwrf=https%3A%2F%2Fwww.google.com&startTime=1691431931097&l1ch=1&l1hcsd=l1!Svx5n|5181&cref=https%3A%2F%2Fwww.google.com%2F&sttm=1691431931104&upk=1691431931.9357&hvsid=00001691431931104013588907526363&acid=41d25228dd4c4da7ab8a5c7618841d24&verid=3111299&infr=1&stime=1691431931086&tsrc=entity&vgd_mspa=0&vgd_l1rhst=contextual.media.net&vgd_l1rakh=1691431930153105195&vgd_sc=BY&vgd_ecrid=450043544&vgd_pa=tcf&vgd_uspa=0&vgd_mspad=a&vgd_isiolc=1&vgd_pgid=p12002029418t202308071812&vgd_pgids=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.122.24.29 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=21600

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=21600
date
Mon, 07 Aug 2023 18:12:12 GMT
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-length
15
expires
Mon, 07 Aug 2023 18:12:12 GMT
prebid.min.8767321a.js
monetize-static.viralize.tv/ Frame FBCC 		461 KB
146 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://monetize-static.viralize.tv/prebid.min.8767321a.js?e=ops
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:26f0:480:f::213:7ed1 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
x-guploader-uploadid
ADPycdsm77dKEiebMzpG0voAWQBVjxLHObngxEYjiM1e9U7489IiYltO5mYtaS0st8StnDMmp1ZXX9u32fMyxbBppH-4
x-goog-storage-class
REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
content-length
149442
last-modified
Mon, 17 Jul 2023 08:34:42 GMT
server
UploadServer
etag
"8767321aa946fab11b7849c3c8cab276"
vary
Accept-Encoding
x-goog-generation
1689582882143487
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=xXO4Yg==, md5=h2cyGqlG+rEbeEnDyMqydg==
cache-control
public, max-age=2592000
x-goog-stored-content-length
471945
accept-ranges
bytes
expires
Wed, 06 Sep 2023 18:12:13 GMT
apstag.js
c.amazon-adsystem.com/aax2/ Frame FBCC 		246 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: tinyurl.win
URL: https://tinyurl.win/i/hTv8ofje1i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:09 GMT
content-encoding
gzip
via
1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront), 1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
last-modified
Thu, 27 Jul 2023 19:49:27 GMT
server
AmazonS3
x-amz-cf-pop
FRA6-C1, FRA56-P3
age
5
x-amz-server-side-encryption
AES256
etag
W/"a7247ead77dd201b1e56acf0e565194b"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-id
8J52Ks_Bp6nbf0r5cGpxLG1cVPoFa4ttU96W2KHLO-J9qRsRZ5PqpQ==
ads
pagead2.googlesyndication.com/gampad/ Frame 722D 		124 B
125 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/gampad/ads?iu=%2F21928950349%2C22821854111%2Fcasho_la_gpt1_preroll&tfcd=0&npa=0&sz=640x360%7C400x300%7C640x480%7C1x1%7C400x225%7C320x240%7C320x180&gdfp_req=1&output=xml_vast4&unviewed_position_start=1&env=instream&correlator=1464505489357817&adsafe=medium&hl=en&vpos=preroll&cust_params=KV1%3D0.60%26max_ad_duration%3D900&ad_type=audio_video&description_url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&vpa=auto&vpmute=0&sdkv=h.3.584.2&osd=2&frm=0&vis=1&sdr=1&afvsz=450x50&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&u_so=l&ctv=0&mpt=videojs-ima&mpv=1.11.0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=445&ptt=20&adk=4222459873&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.584.2&sid=AB08DBEE-B524-4D5D-B12A-667203194BBA&nel=0&eid=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275&ref=https%3A%2F%2Fwww.google.com%2F&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&dlt=1691431906571&idt=11071&dt=1691431933077&scor=2102847943343129&ged=ve4_td26_tt22_pd26_la26000_er0.0.0.0_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
98
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
config
c.amazon-adsystem.com/cdn/prod/ Frame FBCC 		0
306 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=5044&u=https%3A%2F%2Fwww.casho.la
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
Server /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:05 GMT
via
1.1 8af5231b014ab5e8c35000dd4cf4b68c.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA56-P3
age
7
x-cache
Hit from cloudfront
access-control-allow-origin
https://www.casho.la
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-id
uIiW5OMAv4xAhDdZdjrWKgr98nMCvmAltCCmmOcdSUQlvvG7d0TvGQ==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame FBCC 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
52.222.208.154 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-52-222-208-154.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

x-amz-version-id
rBtfgJUMGYsy5fZuQwMAU7hSD.fVdF76
content-encoding
gzip
via
1.1 3092bdd288d2a449c56d11f2cf4a9b88.cloudfront.net (CloudFront)
date
Mon, 07 Aug 2023 06:23:09 GMT
x-amz-cf-pop
FRA56-P3
age
42545
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
last-modified
Sat, 24 Jun 2023 09:19:11 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=86400
vary
Accept-Encoding,Origin
x-amz-cf-id
r9cBl3Zgqn1XTiIiYnktyATtT9DJUlOjyxvLbk-V-ObRtP9mseCiJQ==
bid
aax.amazon-adsystem.com/e/dtb/ Frame FBCC 		23 B
460 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://aax.amazon-adsystem.com/e/dtb/bid?src=5044&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&pr=https%3A%2F%2Fwww.google.com%2F&pid=wAySLOUWTnj6Z&cb=0&ws=0x0&v=23.725.1446&t=2000&slots=%5B%7B%22id%22%3A%22videoSlot%22%2C%22mt%22%3A%22v%22%7D%5D&schain=1.0%2C1!viads.com%2C105507%2C1%2C%2C%2C!viralize.com%2C4704%2C1%2C%2C%2C&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.191.236 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-191-236.zrh55.r.cloudfront.net
Software
Server /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
strict-transport-security
max-age=47474747; includeSubDomains; preload
via
1.1 20e88007b6f5218ef5942bc3581c73b8.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
ZRH55-P1
x-amz-rid
CGT6E5SKFNVT3YCJJ81R
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
timing-allow-origin
*
content-length
23
x-amz-cf-id
koPauaZt2azsFM88q8-xgJlCQ-HS8RR4E-ifkhmj8mZM42qK_rdKDQ==
13521553
ad.yieldlab.net/yp/ Frame FBCC 		2 B
674 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.yieldlab.net/yp/13521553?ts=1691431933143&json=true&pvid=true&schain=1.0,1!viads.com,105507,1,,,,!showheroes.com,4704,1,,,,&pubref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=true&consent=undefined
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
69.192.161.76 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-161-76.deploy.static.akamaitechnologies.com
Software
/
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 07 Aug 2023 18:12:13 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/json;charset=UTF-8
Access-Control-Allow-Origin
https://www.casho.la
Content-Language
de-DE
Cache-Control
no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Mx-ReqToken,X-Requested-With
Content-Length
22
Expires
Sun, 06 Aug 2023 18:12:13 GMT
/
shb.richaudience.com/hb/ Frame FBCC 		4 B
233 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://shb.richaudience.com/hb/
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.88.17.186 Gunzenhausen, Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.186.17.88.23.clients.your-server.de
Software
nginx/1.14.1 /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
server
nginx/1.14.1
vary
Accept-Encoding, Accept-Encoding
access-control-max-age
86400
content-type
text/html; charset=UTF-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ Frame FBCC 		296 B
647 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:12 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
auction
prebid-server.rubiconproject.com/openrtb2/ Frame FBCC 		173 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
Expires
0
openrtb
adx.adform.net/adx/ Frame FBCC 		0
529 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.3.20 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
strict-transport-security
max-age=31536000; includeSubDomains
server
nginx
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
prebid-server.rubiconproject.com/openrtb2/ Frame FBCC 		173 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
Expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame FBCC 		173 B
466 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
69.173.144.137 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
content-encoding
gzip
x-prebid
pbs-java/1.126.0
Content-Type
application/json
access-control-allow-origin
https://www.casho.la
Cache-Control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
169
Expires
0
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzc0MDWhxEhzsbF3TA%3D%3D.1.1h78j653i-blgds855ftg-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp1sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzU0MDiuihM2aOWy8A%3D%3D.6.1h78j653i-blgds855ftg-YWRuXzU0MDiuihM2aOWy8A%3D%3D-wp6sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzEwNDE0eP2NRRfmH04%3D.8.1h78j653i-blgds855ftg-YWRuXzEwNDE0eP2NRRfmH04%3D-wp8sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzc3MzDpOFsig0fIyg%3D%3D.4.1h78j653i-blgds855ftg-YWRuXzc3MzDpOFsig0fIyg%3D%3D-wp4sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzU5MDYkYm9wCJ1k6A%3D%3D.11.1h78j653i-blgds855ftg-YWRuXzU5MDYkYm9wCJ1k6A%3D%3D-wp11sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzEwOTc1oOmNmv3ix78%3D.3.1h78j653i-blgds855ftg-YWRuXzEwOTc1oOmNmv3ix78%3D-wp3sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzEwOTcw9TAwGGdI07c%3D.9.1h78j653i-blgds855ftg-YWRuXzEwOTcw9TAwGGdI07c%3D-wp9sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
video10.ts
stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/ 		236 KB
237 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://stream.unibotscdn.com/1b137061-4677-4c10-99b3-26c1b70efd17/640x360/video10.ts
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2400:52e0:1e00::1053:1 , Germany, ASN200325 (BUNNYCDN, SI),
Reverse DNS
Software
BunnyCDN-DE1-1053 /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
cdn-edgestorageid
874
cdn-storageserver
DE-588
cdn-cachedat
07/31/2023 08:39:15
cdn-pullzone
829957
content-length
241580
last-modified
Mon, 09 Jan 2023 09:55:04 GMT
server
BunnyCDN-DE1-1053
cdn-fileserver
523
cdn-requestpullcode
206
cdn-proxyver
1.04
content-type
video/mp2t
access-control-allow-origin
*
cdn-cache
HIT
cdn-uid
7bd10f57-831e-4fd9-beca-97093a9ae0ed
access-control-expose-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cache-control
public, max-age=43200
cdn-requestid
23360597ec53e551ad6b6ee8e4d2f360
accept-ranges
bytes
cdn-requestcountrycode
DE
access-control-allow-headers
Server, x-goog-meta-frames, Content-Length, Content-Type, Range, X-Requested-With, If-Modified-Since, If-None-Match
cdn-status
200
cdn-requestpullsuccess
True
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzQ3MjISXlnO0Pe6nA%3D%3D.2.1h78j653i-blgds855ftg-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp2sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
advast
ad.360yield.com/ Frame FBCC 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ad.360yield.com/advast?p=22894085&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=1&gdpr_consent=&vast_version=3&vpaid_version=2&video_format_type=outstream
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.114.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:13 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzExMzUzBg16G9zvAFA%3D.5.1h78j653i-blgds855ftg-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame FBCC 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp1sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzc0MDWhxEhzsbF3TA%3D%3D-wp1sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzEwOTc1oOmNmv3ix78%3D-wp3sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzEwOTc1oOmNmv3ix78%3D-wp3sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzc3MzDpOFsig0fIyg%3D%3D-wp4sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzc3MzDpOFsig0fIyg%3D%3D-wp4sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzEwNDE0eP2NRRfmH04%3D-wp8sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzEwNDE0eP2NRRfmH04%3D-wp8sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzEwOTcw9TAwGGdI07c%3D-wp9sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzEwOTcw9TAwGGdI07c%3D-wp9sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame FBCC 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzU5MDYkYm9wCJ1k6A%3D%3D-wp11sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzU5MDYkYm9wCJ1k6A%3D%3D-wp11sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp2sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzQ3MjISXlnO0Pe6nA%3D%3D-wp2sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ptv
secure.adnxs.com/ Frame FBCC 		27 B
700 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://secure.adnxs.com/ptv?member=9986&id=20877766&vplaybackmethod=2&referrer=casho.la&gdpr=1&gdpr_consent=&cb=1691431932&schain=1.0,1!viads.com,105507,1,,,!viralize.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
an-x-request-uuid
299db730-45ec-490d-96dd-f9f306c246d0
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
application/xml; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
x-proxy-origin
80.255.7.104; 80.255.7.104; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
content-length
27
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzU5MDgOCMUDkzF6aw%3D%3D.7.1h78j653i-blgds855ftg-YWRuXzU5MDgOCMUDkzF6aw%3D%3D-wp7sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame FBCC 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzExMzUzBg16G9zvAFA%3D-wp5sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%2C%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzU0MDiuihM2aOWy8A%3D%3D-wp6sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzU0MDiuihM2aOWy8A%3D%3D-wp6sc3%22%2C%22label%22%3A%22bid_error%22%2C%22reason%22%3A%2290008%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
advast
ice.360yield.com/ Frame FBCC 		27 B
239 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ice.360yield.com/advast?p=22599156&w=16&h=9&minduration=1&maxduration=60&player_width=432&player_height=243&referrer=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&gdpr=1&gdpr_consent=&vast_version=3&vpaid_version=2&video_format_type=outstream&schain=1.0,1!viads.com,105507,1,,,!showheroes.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.194.114.76 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-194-114-76.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:13 GMT
access-control-allow-credentials
true
content-type
application/xml; charset=UTF-8
content-length
27
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzk3NjHBhV1aL3JnUg%3D%3D.10.1h78j653i-blgds855ftg-YWRuXzk3NjHBhV1aL3JnUg%3D%3D-wp10sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
ads.viralize.tv/track/ Frame FBCC 		0
11 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzU5MDgOCMUDkzF6aw%3D%3D-wp7sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzU5MDgOCMUDkzF6aw%3D%3D-wp7sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
via
1.1 google
server
uvicorn, Unknown
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
service.bidlab.ai/ Frame FBCC 		65 B
295 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://service.bidlab.ai/?c=v&m=tag&placementId=178&videotype=VPAID&wPlayer=432&hPlayer=243&ip=80.255.7.104&ua=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F115.0.5790.170+Safari%2F537.36&domain=casho.la&page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&secure=1&language=it&bidfloor=1&gdpr_consent=&gdpr=1&schain=1.0,1!viads.com,105507,1,,,!showheroes.com,4704,1,,,
Requested by
Host: cdn.ravenjs.com
URL: https://cdn.ravenjs.com/3.17.0/raven.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
8.2.108.106 , United States, ASN46636 (NATCOWEB, US),
Reverse DNS
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Access-Control-Allow-Origin
https://www.casho.la
Date
Mon, 07 Aug 2023 18:12:13 GMT
Access-Control-Allow-Credentials
true
Server
nginx
Connection
keep-alive
Content-Length
65
Content-Type
text/xml
/
ads.viralize.tv/t-bid-opportunity/ Frame FBCC 		0
37 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.viralize.tv/t-bid-opportunity/?zid=AADPh4dFgdgbKwgH&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&t=adn&hcid=c3RhbmRhbG9uZRpujSbK2oF8&sid=01ee354de8a96ec0ec105a2beb1ac0b2&item=YWRuXzExMjY5Q56SXM_CuCM%3D.12.1h78j653i-blgds855ftg-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.186.238.232 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
232.238.186.35.bc.googleusercontent.com
Software
uvicorn, Unknown /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
uvicorn, Unknown
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
localstore.js
script.4dex.io/ 		483 B
1018 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::ac43:4bf1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

Date
Mon, 07 Aug 2023 18:12:13 GMT
Content-Encoding
br
CF-Cache-Status
HIT
Last-Modified
Thu, 03 Aug 2023 15:25:22 GMT
NEL
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server
cloudflare
Age
354995
ETag
W/"922cffdd75f7192f75231d92684885aa"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
Report-To
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0vGgw%2BQfZYUP8YbxZ7qOJq5NrKx1nif7LuELocpyVkc2ATPDoPS2JZdNzNSgR6h4hyECyY39ZoleJzTdt7OCZ%2B1gk8B0iCijClTYcsBJAv8I7sAYd%2BtKIXq4Gh0GLWs358Hishj6aCcIgf0C"}],"group":"cf-nel","max_age":604800}
Cache-Control
public, max-age=1800
Connection
keep-alive
CF-RAY
7f317c913845bb67-FRA
c
prebid.a-mo.net/a/ 		0
157 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.84.158 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:12 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
2
server
envoy
vary
origin, Accept-Encoding
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e0934656a02de&pos=8a96956701777748ce2a4e3783a502ea&cmd=bid&secure=1&gdpr=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
content-length
77
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e0934656a02de&pos=8a969d4401777748c6904e37e7da02a7&cmd=bid&secure=1&gdpr=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
336 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e0934656a02de&pos=8a96956701777748ce2a4e383a4c02eb&cmd=bid&secure=1&gdpr=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
content-length
80
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a96948f017675f6f24e0934656a02de&pos=8a96956701777748ce2a4e38867602ec&cmd=bid&secure=1&gdpr=1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
35.157.246.167 -, , ASN (),
Reverse DNS
Software
ATS/9.1.10.57 /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
server
ATS/9.1.10.57
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://www.casho.la
access-control-allow-credentials
true
content-length
80
v1
prg.smartadserver.com/prebid/ 		296 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
br
transfer-encoding
chunked
vary
Accept-Encoding, Origin
content-type
application/json; charset=UTF-8
access-control-allow-origin
https://www.casho.la
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
no-cache,no-store
access-control-allow-credentials
true
v1
prg.smartadserver.com/prebid/ 		0
0
v1
hb-api.omnitagjs.com/hb-api/prebid/ 		180 B
254 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hb-api.omnitagjs.com/hb-api/prebid/v1?RefererUrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&PageUrl=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&PageReferrer=https%3A%2F%2Fwww.google.com%2F
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
185.255.84.151 , France, ASN200271 (IGUANE-, FR),
Reverse DNS
Software
ayl-lb-fra02 /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
x-content-type-options
nosniff
server
ayl-lb-fra02
access-control-max-age
3600
access-control-allow-methods
OPTIONS, POST
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
x-envoy-upstream-service-time
23
vary
Accept-Encoding
access-control-allow-headers
Accept-Encoding, Content-Type
content-length
180
expires
0
prebid
mp.4dex.io/ 		45 B
193 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:272 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

x-version
3.0.0-gcp-ams
date
Mon, 07 Aug 2023 18:12:13 GMT
x-err
Shapings: no adunits with size and seat and mapping
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Process Seats Booster. unable to get the seat booster engine for organization: 1090
content-length
45
pragma
no-cache
server
cloudflare
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cf-ray
7f317c90ee154d25-FRA
expires
0
cdb
bidder.criteo.com/ 		0
190 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/cdb?ptv=136&profileId=185&av=34&wv=7.35.0&cb=70289764003
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://www.casho.la
date
Mon, 07 Aug 2023 18:12:12 GMT
strict-transport-security
max-age=31536000; preload;
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
server
Kestrel
vary
Origin
fastlane.json
fastlane.rubiconproject.com/a/api/ 		458 B
515 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160042&zone_id=767296&size_id=2&alt_size_ids=55%2C57&gdpr=1&rp_schain=1.0,1!venatus.com,62693fbe0036ac21aee6add7,1,,,&rf=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.domain=casho.la&tk_flint=pbjs_lite_v7.35.0&x_source.tid=fbf07801-4e25-4c6d-966e-662db04e61c4&l_pb_bid_id=21b907e5445ffb1&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_63612cc54c3c6847c8a48d1f%2F1100&slots=1&rand=0.7535515985743433
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
458
expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		436 B
470 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=13762&site_id=160042&zone_id=767296&size_id=15&gdpr=1&rp_schain=1.0,1!venatus.com,62693fbe0036ac21aee6add7,1,,,&rf=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.page=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&tg_i.ref=https%3A%2F%2Fwww.google.com%2F&tg_i.domain=casho.la&tk_flint=pbjs_lite_v7.35.0&x_source.tid=9cc70029-d746-4514-983a-cf8131532740&l_pb_bid_id=22ab8f870612463&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2FVM_63612cbb8934e21c346d92ba%2F1103&slots=1&rand=0.4749352981102517
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2602:803:c003:200::44 Amsterdam, Netherlands, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
server
nginx/1.21.4
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.casho.la
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
content-length
436
expires
Wed, 17 Sep 1975 21:32:10 GMT
trinity.json
apex.go.sonobi.com/ 		0
0
bid
ap.lijit.com/rtb/ 		24 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_7.35.0
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.86 , United States, ASN32475 (SINGLEHOP-LLC, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 07 Aug 2023 18:12:13 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://www.casho.la
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap4ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs-simple.com/ut/v3/ 		0
0
arj
venatusmedia-d.openx.net/w/1.0/ 		73 B
376 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://venatusmedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fbf07801-4e25-4c6d-966e-662db04e61c4%2Cfbf07801-4e25-4c6d-966e-662db04e61c4%2Cfbf07801-4e25-4c6d-966e-662db04e61c4%2C9cc70029-d746-4514-983a-cf8131532740&nocache=1691431933575&sua=%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D&gdpr=1&pubcid=a19d0c94-64e4-4514-97bc-08abfc0761a6&schain=1.0%2C1!venatus.com%2C62693fbe0036ac21aee6add7%2C1%2C%2C%2C&aus=728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C728x90%2C970x90%2C970x250%7C300x250&divids=1100-63612cc54c3c6847c8a48d1f%2C1100-63612cc54c3c6847c8a48d1f%2C1100-63612cc54c3c6847c8a48d1f%2C1103-63612cbb8934e21c346d92ba&aucs=%2C%2C%2C&auid=539871888%2C539871889%2C539871890%2C539871884
Requested by
Host: hb.vntsm.com
URL: https://hb.vntsm.com/v3/live/ad-manager.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/0.0.0 /
Resource Hash

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 07 Aug 2023 18:12:13 GMT
content-encoding
gzip
via
1.1 google
server
OXGW/0.0.0
vary
Accept, Accept-Encoding
content-type
application/json
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://www.casho.la
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
expires
Mon, 26 Jul 1997 05:00:00 GMT
/
ads.viralize.tv/track/ Frame FBCC 		0
0
/
ads.viralize.tv/track/ Frame FBCC 		0
0
events
bidder.criteo.com/csm/ 		0
121 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://bidder.criteo.com/csm/events
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.136.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a02:2638:d::a , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.casho.la/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
strict-transport-security
max-age=31536000; preload;
cross-origin-resource-policy
cross-origin
server
Kestrel
csi
csi.gstatic.com/ Frame 4113 		0
0
dsp
hhkld.com/logs/event/ 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://hhkld.com/logs/event/dsp?event=rtb&event2=request&sid=105507&tids=17433&v=20&cb=1691431933674
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
141.94.202.176 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31491888.ip-141-94-202.eu
Software
nginx /
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://www.casho.la/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36

Response headers

date
Mon, 07 Aug 2023 18:12:13 GMT
last-modified
Fri, 04 Aug 2023 17:20:08 GMT
server
nginx
etag
"64cd3348-2b"
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://www.casho.la
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
accept-ranges
bytes
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
43
bridge3.584.2_en.html
imasdk.googleapis.com/js/core/ Frame 2460 		718 KB
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.584.2_en.html
Requested by
Host: d1oykxszdrgjgl.cloudfront.net
URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.casho.la/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.5790.170 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
524526
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
235822
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 01 Aug 2023 16:30:07 GMT
expires
Wed, 31 Jul 2024 16:30:07 GMT
last-modified
Tue, 01 Aug 2023 05:35:49 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 2092 		0
0
adagio.js
script.4dex.io/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
kvt.sddan.com
URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
as-sec.casalemedia.com
URL
https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&v=3
Domain
lexicon.33across.com
URL
https://lexicon.33across.com/v1/envelope?pid=0015a00002y4bCYAAY&gdpr=0&src=pbjs&ver=8.3.0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll16w2do&c=960899130579&slotId=480449565289.5&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16w4vy&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll16w5fi&c=960899130579&slotId=480449565289.5&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16w5p4&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll16w60m&c=960899130579&slotId=480449565289.5&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16w64q&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll16w6j8&c=960899130579&slotId=480449565289.5&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Domain
t.adx.opera.com
URL
https://t.adx.opera.com/pub/sync?pubid=pub8730968190912
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=1~ll16w6t0&c=960899130579&slotId=480449565289.5&eee=missing-element&bi=missing-id&vast_v=4.1&lima_p_ich=0&lima_p_icu=0
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=2~ll16w77a&c=960899130579&slotId=480449565289.5&uet=2&ghmsh_eids=44772139%2C44777649%2C44781409%2C44781753%2C44782991%2C44788275
Domain
kvt.sddan.com
URL
https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Domain
prebid.smilewanted.com
URL
https://prebid.smilewanted.com/
Domain
ads.viralize.tv
URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j62cf-2n6frkl46eo-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc2%22%2C%22bid_opportunity_id%22%3A%221h78j62cf-2n6frkl46eo-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc2%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Domain
prg.smartadserver.com
URL
https://prg.smartadserver.com/prebid/v1
Domain
apex.go.sonobi.com
URL
https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22243fc62f756ac97%22%3A%221e243f346ae2cc3a7556%7C728x90%2C970x90%2C970x250%7Cc%3Dd%2C%22%2C%22253bcb0a55e3479%22%3A%221e243f346ae2cc3a7556%7C300x250%7Cc%3Dd%2C%22%7D&ref=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&s=b973e878-564b-4e33-b38c-019176ef2dc0&pv=04fabf9a-58f4-4c78-a8b8-ef9bd6ee8090&vp=desktop&lib_name=prebid&lib_v=7.35.0&us=8&fpd=%7B%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%7D%7D%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fwww.google.com%2F%22%2C%22domain%22%3A%22casho.la%22%2C%22publisher%22%3A%7B%22domain%22%3A%22casho.la%22%7D%7D%2C%22device%22%3A%7B%22w%22%3A1600%2C%22h%22%3A1200%2C%22dnt%22%3A0%2C%22ua%22%3A%22Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F115.0.5790.170%20Safari%2F537.36%22%2C%22language%22%3A%22en%22%2C%22sua%22%3A%7B%22source%22%3A2%2C%22browsers%22%3A%5B%5D%2C%22mobile%22%3A0%2C%22model%22%3A%22%22%2C%22bitness%22%3A%22%22%2C%22architecture%22%3A%22%22%7D%7D%7D&ius=1&gdpr=true&schain=%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22venatus.com%22%2C%22sid%22%3A%2262693fbe0036ac21aee6add7%22%2C%22hp%22%3A1%7D%5D%7D&coppa=0
Domain
ib.adnxs-simple.com
URL
https://ib.adnxs-simple.com/ut/v3/prebid
Domain
ads.viralize.tv
URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzk3NjHBhV1aL3JnUg%3D%3D-wp10sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzk3NjHBhV1aL3JnUg%3D%3D-wp10sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Domain
ads.viralize.tv
URL
https://ads.viralize.tv/track/?multi=true&serialization=json&events=%5B%7B%22ver%22%3A1%2C%22type%22%3A%22event%22%2C%22category%22%3A%22bid_opportunity%22%2C%22session_id%22%3A%2201ee354de8a96ec0ec105a2beb1ac0b2%3A0%3A1h78j653i-blgds855ftg-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc3%22%2C%22bid_opportunity_id%22%3A%221h78j653i-blgds855ftg-YWRuXzExMjY5Q56SXM_CuCM%3D-wp12sc3%22%2C%22label%22%3A%22bid_rejected%22%2C%22reason%22%3A%22ok%22%7D%5D
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=ima&dmc=8&puid=4~ll16w8yi&c=960899130579&slotId=480449565289.5&fb=ima_html5-lima&sdkv=h.3.584.2&ppt=videojs-ima&ppv=1.11.0&mrd=4&aab=0&itv=1&uet=2&met.4=err.ll16wgqo&aec=901&rec=loaded-1%7Cshow_ad-1%7Cerror-1%7CverificationNotExecuted-1%7Cstop-1
Domain
pagead2.googlesyndication.com
URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Domain
script.4dex.io
URL
https://script.4dex.io/adagio.js

Verdicts & Comments Add Verdict or Comment

506 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 object| 22 object| 23 object| 24 object| 25 object| 26 object| 27 object| 28 object| 29 object| 30 object| 31 object| 32 object| 33 object| 34 object| 35 object| 36 object| 37 object| 38 object| 39 object| 40 object| 41 object| 42 object| 43 object| 44 object| 45 object| 46 object| 47 object| 48 object| 49 object| 50 object| 51 object| 52 object| 53 object| 54 object| 55 object| 56 object| 57 object| 58 object| 59 object| 60 object| 61 object| 62 object| 63 object| 64 object| 65 object| 66 object| 67 object| 68 object| 69 object| 70 object| 71 object| 72 object| 73 object| 74 object| 75 object| 76 object| 77 object| 78 object| 79 object| 80 object| 81 object| 82 object| 83 object| 84 object| 85 object| 86 object| 87 object| 88 object| 89 object| _wpemojiSettings object| regeneratorRuntime object| unibots function| reactSiteCheck boolean| mobileCheck string| clientDomain string| clientActualDomain boolean| playerRun boolean| reactSite string| previousUrl function| checkPlayerShouldRun function| runCMD function| unibotsLog function| unibotsCustomGA function| injectCustomJs function| checkBlocked function| getGeoInfo function| fetchJsonData function| unibotsPlayer function| addPlayerCssonMainWindow function| checkIframe function| generateIframe function| startFunc function| injectAdditionScriptTagsOnDOM function| movedivtotargetLocation function| checkPlDivs undefined| $ function| jQuery object| async object| tps object| tpsObjects object| tpsInstance object| global_utm_tags object| macros object| rpsa string| isdev function| __IntegralASDiagnosticCall object| __IntegralASConfig function| mainScriptAppender object| __IASScope boolean| isDomless object| __IASOmidVerificationClient object| s1 function| fireReps object| FB function| checkFrameandInitStartFun number| infolinks_pid number| infolinks_wsid boolean| IL_INIT object| $iceboot object| INFOLINKS function| confiantWrap number| themoneytizer_async object| eucountries object| sas function| whenFormatFctDefined function| whenDefined object| http string| url number| random_cent_ab_test number| tmzr_siteid number| random_cent number| enable_sco function| criteoCallback object| generic object| criteo_gum object| smart_csync object| zeotap object| node object| pwidget_config object| leadplaceScript object| iframe object| teads object| tagsObject string| website number| random undefined| pubstack object| headelement object| notifyme object| tmzr object| d object| pbs number| random_sw object| format_size object| format_size_ix object| format_w_adform object| format_h_adform object| format_size_rubicon object| between_w object| between_h object| counter_refresh object| smart_prebid2 function| refreshVisibility26328 string| crtg_content object| mydiv object| creatediv undefined| paragraphs undefined| counter undefined| temp undefined| myP undefined| myPNumber undefined| coeffFilterBegin undefined| coeffFilterEnd undefined| filterBegin undefined| filterEnd undefined| limitPargraphs undefined| filteringParagraphs undefined| number undefined| divs undefined| coeffFilterBeginDiv undefined| filterBeginDiv function| isEmpty function| GetMobileDesktop function| GetMobileDesktopId function| GetRichAudienceZone function| GetmnameAdform function| GetwAdform function| GethAdform function| GetsizeTriplelift function| Getsize function| GetsizeRubicon function| Timeout function| refreshSlot function| refreshSlotFooter undefined| convertHtmlToText function| whatToLoad number| nugg_ab number| site_id string| pubstack_ab object| sublime string| sh object| teads_analytics object| _qevents boolean| moneycaching object| params number| nugg function| Adcall_26328 function| refreshVisibility26323 function| Adcall_26323 function| refreshVisibility26711 function| Adcall_26711 object| webpackChunkad_manager object| vmpbjs object| _pbjsGlobals number| __VM_COUNT function| $___render object| ADAGIO string| nobidVersion object| nobid object| mnet object| aniplayerPos object| __twttrll object| twttr object| __twttr function| verbose function| Waypoint function| lozad object| zoxWidgets function| _typeof function| _defineProperty function| autoDiv_or_FrameChecker object| adArray boolean| blockedPagesFlag function| loadStyles function| initFunction function| runPlayer function| shouldPlayerRun object| tmzrChunk object| placementBids undefined| Adcall_48311 undefined| Adcall_26325 undefined| Adcall_80234 undefined| Adcall_video object| pubstack_publica number| bidder_geo object| __buffer function| a0_0x5142 function| a0_0x5b32 object| __IntegralASExec function| uk_videoPlayer boolean| ucp_init string| GoogleAnalyticsObject function| ga number| __mobxInstanceCount undefined| __mobxGlobals object| twemoji object| wp boolean| sas_usePostStandard object| ID5 function| SasIabApi number| intervalCounterNumberCMP V2 number| intervalCounterNumberCCPA number| intervalCounterNumberGPP object| sas_ads boolean| sas_ajax object| sas_manager object| sas_unrenderedFormats undefined| sas_callAd undefined| sas_callAds function| sas_render function| SmartAdServerAjaxOneCall function| SmartAdServer_iframe function| SmartAdServer function| SmartAdServerAjax function| sas_gcf function| sas_appendToContainer function| sascc function| sasmobile function| sas_addCleanListener function| sas_cleanAds function| sas_cleanAd number| intervalCounterNumberGPP2 number| sas_renderMode function| clientJsFunction function| clarity function| mapperjs object| xplay_by_sid object| xplay_tags number| xplay_sid string| xplay_target string| xplay_mode string| xplay_baseURL boolean| xplay_loaded object| libJsLeadPlace function| quantserve function| __qc object| ezt object| _qoptions object| Criteo boolean| tmcredentials object| sm_tag_tag_fb4756ee-62d7-477c-b298-68bce67d05b2 object| playersAb number| smInit object| __VM object| core number| $iceId object| _google_rum_ns_ object| google_persistent_state_async number| google_global_correlator object| google_js_reporting_queue function| Goog_AdSense_Lidar_sendVastEvent function| Goog_AdSense_Lidar_getViewability function| Goog_AdSense_Lidar_getUrlSignalsArray function| Goog_AdSense_Lidar_getUrlSignalsList number| google_srt object| google object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$companion_ad_selection_settings object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ads_rendering_settings object| ima object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_error_event object| module$exports$google3$javascript$ads$interactivemedia$sdk$clientside$api$ad_event object| module$contents$ima$AdsManagerLoadedEvent_AdsManagerLoadedEvent object| google_tag_data object| closure_lm_688082 object| tiktokEmbed function| __gpp function| avPlayer object| gaplugins object| gaGlobal object| gaData object| udm_ads_queue boolean| udm_edge_init object| headertag undefined| bid undefined| vastUrl object| targetingParams undefined| Adcall_26300 undefined| Adcall_26322 string| Smart_SR_data object| slowBidders object| adsArea26323 object| observers26323 function| refreshQueueManager26323 function| loopChecker26323 object| adsArea26328 object| observers26328 function| refreshQueueManager26328 function| loopChecker26328 undefined| Adcall_26706 object| adsArea26711 object| observers26711 function| refreshQueueManager26711 function| loopChecker26711 object| webpackChunk_aniview_player object| avContentPlayer function| setImmediate function| clearImmediate object| ats object| webpackChunkmplayer function| monti object| voltax object| dataLayer object| monetizationEventsReporter object| $$mm-analytics string| xplay_debug object| xplay_oninit object| adplay_oninit object| closure_lm_105288 object| googletag function| processGoogleToken object| googleToken object| googleIMState object| args object| el object| lastBidder26323 object| lastBidder26328 object| lastBidder26711 function| NewSMPlayer number| smInitPlayer object| vttjs function| WebVTT function| videojs object| apntag object| _ADAGIO object| closure_lm_135915 object| udm_r3Chunk object| udm_r3 function| endedHandler function| udmPbcsRun function| udm_process_ads_queue function| delete_udm_edge function| reload_udm_edge object| udmRenderRates object| storageAni object| bubble object| skins object| wzMM object| muxjs function| videojsIma function| videojsContribAds object| apstag function| __tcfapi string| css object| style function| setupFooterSlidein function| bringToFront function| setupSlideIn function| setupFooter function| qcResize function| setupExoticFS function| setupNative object| iframeDoc object| elList number| k object| google_tag_manager object| $jscomp object| canAutoplay function| videojsPlaylist object| udmCompiledBlockedCreativeIds object| udmDefinedBlockedCreativeIds object| closure_lm_823304 object| criteo_pubtag object| criteo_pubtag_prebid_136 object| Criteo_prebid_136 object| _aps boolean| apstagLOADED object| apscustom object| ggeac function| ILVideo function| ha object| cnvr_launcher_options object| federatedObj object| criteo_syncframe_state function| isValidVideo string| myPlayerGabywa object| oldScript object| attr function| gtag object| ns_ undefined| google_measure_js_timing function| onYouTubeIframeAPIReady object| divWrapper function| focusFunc object| TRC number| taboola_view_id object| hadron boolean| __halo_loaded__ object| conversant object| PublisherCommonId function| __tcfapiui function| __uspapi object| au object| default_ContributorServingResponseClientJs object| __googlefc string| __fcInvoked string| __fcexpdef string| Njc2NzVlMjIzNWZkZjg2OGxvYWRlcl9qcw== string| Njc2NzVlMjIzNWZkZjg2OGNhY2hlZF9qcw== object| googlefc object| __fcInternalApiManager boolean| __fcInternalApiPostMessageReady object| __gppEventListeners object| __gppManager boolean| __gppPostMessageReady object| ukAdTitle object| ukAdDescription object| ukAdLink object| publink_options object| coreid object| __bt_intrnl object| closure_lm_712282 object| __VR object| __vrInjectorPlugins object| c object| h object| sl function| Tapad boolean| sasIsIosUiwebview undefined| lte9 undefined| nav undefined| ua undefined| idb object| smartCsync object| sas_snippets function| prepareAdRequest

233 Cookies

Domain/Path Name / Value
www.casho.la/trending/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon Name: logglytrackingsession
Value: 9e475686-7f81-42d1-ab9e-ad1acd11bb19
www.casho.la/trending Name: PHPSESSID
Value: 41q7ekirr88mm7qjdiobv0beka
.google.com/ Name: __Secure-ENID
Value: 13.SE=olnDe1fO3n_xYe2XkqCzMLwxD8-RszvFCMYHPX0jpLUgljs9Gxqj8GLUuC7DeJQhn6EKu8X1k7WSsdRLr10hbymkAPYjLQ-Ep06qkFo08GOPAcVNSLV9Cwkwk1-6wJqdJKfFnFi8p5Ss9_pNtc_2LT4wnhJkvpdI1xg6Kun-gmk
.google.com/ Name: CONSENT
Value: PENDING+906
www.casho.la/ Name: HAPPIDS1
Value: s2|ZNEz5|ZNEz5
.hhkld.com/ Name: uid
Value: jV7KsGTRM+N0P8xXL2FqAg==
.casho.la/ Name: sharedid
Value: 0c974440-dd3e-46f6-b53f-0fbf20d340ea
.infolinks.com/ Name: cuid
Value: 41cfc5fd-af0a-4c14-a99e-c4c47a64fa02
.udmserve.net/ Name: dt
Value: 21B4A404-2328-3AFA-B553-5CE3D94DCFCC
.zeotap.com/ Name: zc
Value: f6444ad7-dcbb-43a3-6164-527de0307f44
pbjs.e-planning.net/ Name: CT
Value: 1
.prebid.a-mo.net/ Name: __amc
Value: 1_1691431908_1691431908
.adnxs.com/ Name: icu
Value: ChkI07mIARAKGAEgASgBMOTnxKYGOAFAAUgBEOTnxKYGGAA.
.adnxs.com/ Name: uuid2
Value: 5730477144318325021
.rubiconproject.com/ Name: khaos
Value: LL16VXOA-J-28RP
.rubiconproject.com/ Name: audit
Value: 1|naVuGyos1qqtWCCEqOzEFwNb0fGVcfL/XWaA1sYWTLE9gLr7Yht2fRAJcDr85zgrUvSw7DVErNftRRtUUuCYmoAXuoDlYL8AcFxxNX/v9Hsijy0RC4Zd8RuybVyVU0yt
.casho.la/ Name: cf_clearance
Value: AX4O9UqHvb.LE87_bmLTVNX2kRWauW5KMyu3Z_odmJ4-1691431909-0-1-9a69f08d.d0e3b03f.cd68af6d-0.2.1691431909
www.clarity.ms/ Name: CLID
Value: efe30e326fc345178c47a4118983a00d.20230807.20240806
.e-planning.net/ Name: E
Value: AJmriUcKZ9TghKpd
.casho.la/ Name: _gid
Value: GA1.2.1878985784.1691431909
.casho.la/ Name: _gat_uk_contentplayer
Value: 1
.cpx.to/ Name: cpSess
Value: 4ba5713ae4d7b5af
.casalemedia.com/ Name: CMID
Value: ZNEz5XO7nUUIDozwdqgEWAAA
.casalemedia.com/ Name: CMPS
Value: 3200
.casalemedia.com/ Name: CMPRO
Value: 3200
.udmserve.net/ Name: apnid
Value: 5730477144318325021
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B4052459-A3E1-4FA8-B11E-0B82269C7A1C
.doubleclick.net/ Name: IDE
Value: AHWqTUkUuunPzTTs6ELSs47mCqZv9UjvfVqMvwyd1DfMH0zA8Hcxr2RgFrgG3ZTGeIE
.cpx.to/ Name: dsp_dbm
Value: CAESEIK2GfIaMJjfN431ipaO1HQ#1691431910952
.cpx.to/ Name: dsp_app_nexus
Value: 5730477144318325021#1691431910953
.cpx.to/ Name: dsp_pubmatic
Value: B4052459-A3E1-4FA8-B11E-0B82269C7A1C#1691431910965
.udmserve.net/ Name: indx
Value: ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB
www.casho.la/ Name: udmsrc
Value: %7B%7D
.casho.la/ Name: _sharedid
Value: 3146f6fc-3abb-4d61-88f5-4c3e446061c4
.quantserve.com/ Name: mc
Value: 64d133e7-a210f-d4601-7f876
www.casho.la/ Name: _lr_geo_location
Value: DE
.casho.la/ Name: _clck
Value: j36r3q|2|fdy|0|1314
adtrack.adleadevent.com/ Name: AWSELBCORS
Value: 9FC54D150466C174912E5199B1F8E822A79961F459222A4796B3BC5A624746187924E5A9D85256CD101C7B5617B87EC222DB6810D5FA7F2601127727C3997A195B0D3022C0
.aniview.com/ Name: aniC
Value: 1691431911851-973536490909-001235-006-009438
.udmserve.net/ Name: gdpr
Value: 17661:cmpMissing
.udmserve.net/ Name: geode
Value: 63816203511:80.255.7.104:276:C79753:D276003:S10591:de:undenheim:ZZ:55278:wifi:hosting:?
.casho.la/ Name: _ga_J9WFNRQLJJ
Value: GS1.2.1691431912.1.0.1691431912.0.0.0
.vidcrunch.com/ Name: aniC
Value: 1691431911915-952078490909-001215-001-002451
.casho.la/ Name: __qca
Value: P0-988025342-1691431908233
.udmserve.net/ Name: udmts
Value: 1691431912.0
.udmserve.net/ Name: pmid
Value: B4052459-A3E1-4FA8-B11E-0B82269C7A1C
.adtelligent.com/ Name: vmuid
Value: 98bc15074146f0fd
.adtelligent.com/ Name: a733849
Value: 5730477144318325021
.lijit.com/ Name: ljt_reader
Value: HHMDrRZHne9662hFSBakQJZZ
.media.net/ Name: data-pbs
Value: setstatuscode~~1
.gumgum.com/ Name: vst
Value: e_58c06190-b932-416d-b42a-7097546f8393
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjQytTC3MDI2MBDiM9Qtj_B19S1IS48PNy8AAMujVN8lAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAA_-MSNjU0MDcxNrYwsjQytTC3MDI2MBDiM9Qtj_B19S1IS48PNy8AAMujVN8lAAAA
.smartadserver.com/ Name: pid
Value: 7640565164426888160
.go.sonobi.com/ Name: HAPLB8S
Value: s85199|ZNEz7
.casho.la/ Name: _dc_gtm_UA-23669758-34
Value: 1
.servenobid.com/ Name: pid_312
Value: 5730477144318325021
cookies.nextmillmedia.com/ Name: NMUID
Value: csuid_6e882a10-b5b8-48d6-9f84-0fa950352b58
.casho.la/ Name: _gat_UA-23669758-34
Value: 1
.disqus.com/ Name: zeta-ssp-user-id
Value: ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.bidswitch.net/ Name: tuuid
Value: affb49e9-0cc2-4344-98f0-bafc04e15f9c
.bidswitch.net/ Name: c
Value: 1691431913
.servenobid.com/ Name: pid_353
Value: 0000EEA
.missena.io/ Name: msna
Value: cj8j7qdh98hs7390po7g
.tapad.com/ Name: TapAd_TS
Value: 1691431913729
.tapad.com/ Name: TapAd_DID
Value: de781c70-8abd-41e2-bb1c-2f7efc458b85
.360yield.com/ Name: tuuid
Value: 36b73796-ef19-4f27-a528-af0524e6a54d
.360yield.com/ Name: tuuid_lu
Value: 1691431913
.servenobid.com/ Name: pid_324
Value: 5107433829258782300
.servenobid.com/ Name: pid_317
Value: 7640565164426888160
.missena.io/ Name: msnampdgnw
Value: 1
.missena.io/ Name: msnampdg
Value: 36b73796-ef19-4f27-a528-af0524e6a54d
.yahoo.com/ Name: A3
Value: d=AQABBOkz0WQCEIU-ucOeSAVAqnL9B8Idhu4FEgEBAQGF0mTbZAAAAAAA_eMAAA&S=AQAAAlPppYErdsQ0V-dsSGXbtLk
.missena.io/ Name: msnasmwtnw
Value: 1
.missena.io/ Name: msnasmwt
Value: b1f810163d32d0b701c8bfa0f426ccd7
.missena.io/ Name: msnaxndrnw
Value: 1
.missena.io/ Name: msnaxndr
Value: 5730477144318325021
.adotmob.com/ Name: uid
Value: 096922040378bc1b4ec1b12f
.adotmob.com/ Name: uuid
Value: 096922040378bc1b4ec1b12f
.adotmob.com/ Name: partners
Value: SMA%3A1691431913983
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: pbw
Value: %24b%3d16999%3b%24o%3d11100
.go.sonobi.com/ Name: __uis
Value: f1880dff-13e3-4b78-bf31-7baa3ea3cf7b
.go.sonobi.com/ Name: _usd_casho.la
Value: 1f82c164-b464-4d46-bc10-8e4d99ca28b7
.go.sonobi.com/ Name: HAPLB8G
Value: s86161|ZNEz7
.servenobid.com/ Name: pid_346
Value: ua-85a2f744-99a1-3fcc-9c86-c50f3179682a
.bidswitch.net/ Name: tuuid_lu
Value: 1691431914
.servenobid.com/ Name: pid_309
Value: e_58c06190-b932-416d-b42a-7097546f8393
.servenobid.com/ Name: pid_310
Value: HHMDrRZHne9662hFSBakQJZZ
.openx.net/ Name: i
Value: e3490e86-e798-4d27-b095-6bb94a372b8c|1691431914
.adfarm1.adition.com/ Name: UserID1
Value: 7264644754048153739
.omnitagjs.com/ Name: ayl_visitor
Value: f98f03a63ac7d4d615f6bb042ec2d483
.missena.io/ Name: msnasmrtnw
Value: 1
.missena.io/ Name: msnasmrt
Value: 7640565164426888160
.richaudience.com/ Name: avcid-zeo-uid
Value: f6444ad7-dcbb-43a3-6164-527de0307f44
.richaudience.com/ Name: pdid
Value: 43646921-d1d4-4001-a4eb-1zz1691431910
.creativecdn.com/ Name: u
Value: 0zEZpqla0Dxyke00P29J
.creativecdn.com/ Name: ts
Value: 1691431914
.missena.io/ Name: msnadylknw
Value: 1
.missena.io/ Name: msnadylk
Value: 1a503959ebcbd5f5cc7a854e6acf47b4
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 4ccd83088bb986da
.w55c.net/ Name: wfivefivec
Value: 6UW7pphb1Qt4HU5
.acuityplatform.com/ Name: auid
Value: 810617862598
.acuityplatform.com/ Name: aum
Value: "OikKAfqbdXNlck1hdGNoQnlVc2VyTWF0Y2hpbmdJZE1hcPqAOPqNdXNlck1hdGNoaW5nSWTQkWxhc3REcm9wVGltZU1pbGxpcyUBRHQmLFqEmGxhc3RTdWNjZXNzZnVsTWF0Y2hNaWxsaXMlAUR0JixahI90aGlyZFBhcnR5VXNlcklkIfv7hnZlcnNpb27C+w=="
.weborama.fr/ Name: AFFICHE_W
Value: H2Ag3u24n2Mf11
.demdex.net/ Name: demdex
Value: 81369816083266467084416187206224719126
.missena.io/ Name: msnarichnw
Value: 1
.missena.io/ Name: msnarich
Value: 43646921-d1d4-4001-a4eb-1zz1691431910
.adtelligent.com/ Name: a307971
Value: AJmriUcKZ9TghKpd
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~ZNEz6gAAAyP6cAA4
.agkn.com/ Name: ab
Value: 0001%3AAxGLbwWTQjEgnVSe2vK%2FFv0CFmYglaBP
.turn.com/ Name: uid
Value: 7266735936752934681
.technoratimedia.com/ Name: tads_uid
Value: GDPR
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-23274dc7-b2a5-5112-533c-a9899e314bea.GQ7yemrqXG31j2sGm4nnjOjYTMQuYzwietcKxoZzbQw
.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-23274dc7-b2a5-5112-533c-a9899e314bea.GQ7yemrqXG31j2sGm4nnjOjYTMQuYzwietcKxoZzbQw
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AIydNx7KlURJTPKmJnjFL6lD_B2g.QogU%2FSc%2B8%2F45lvAdwqK1SCFKoY4jmYdAw21J8cXXDvk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3AIydNx7KlURJTPKmJnjFL6lD_B2g.QogU%2FSc%2B8%2F45lvAdwqK1SCFKoY4jmYdAw21J8cXXDvk
sync.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPOUqYQv-xkHqmEcch57B1ccJLCW-dLtny8kgAXdsQ3TEHwYBCDq58SmBjABOgShleyOQgQG4Udc.sbBaAXrYCef8%2FUE8ccD%2FcLEGPRFPaii44QqW%2BdBdDiU
.srv.stackadapt.com/ Name: sa-user-id-v3
Value: s%3AAQAKIPOUqYQv-xkHqmEcch57B1ccJLCW-dLtny8kgAXdsQ3TEHwYBCDq58SmBjABOgShleyOQgQG4Udc.sbBaAXrYCef8%2FUE8ccD%2FcLEGPRFPaii44QqW%2BdBdDiU
.krxd.net/ Name: _kuid_
Value: PuKnXcfW
.fwmrm.net/ Name: _uid
Value: "e32d6_7264644754041374551"
.ipredictive.com/ Name: cu
Value: 8c48c19e-9d22-4c9e-97fa-763d6825accb|1691431914690
.outbrain.com/ Name: obuid
Value: f825284d-10fb-43f7-8d8c-3f9920e90abb
.zemanta.com/ Name: zuid
Value: OI2Qe5kWumjVtXy0CPzd
.amazon-adsystem.com/ Name: ad-id
Value: Aw2uE1cqxkvvuvWfk2620IA
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.casho.la/ Name: _ga
Value: GA1.1.1849936587.1691431909
.casho.la/ Name: _ga_PEGZJDQ1BR
Value: GS1.1.1691431914.1.0.1691431914.0.0.0
.w55c.net/ Name: matchcasale
Value: 5
.dpm.demdex.net/ Name: dpm
Value: 81369816083266467084416187206224719126
.servenobid.com/ Name: pid_333
Value: ZNEz5XO7nUUIDozwdqgEWAAADIAAAAAB
.casho.la/ Name: _pubcid
Value: a19d0c94-64e4-4514-97bc-08abfc0761a6
.analytics.yahoo.com/ Name: IDSYNC
Value: 19ah~2d7u
.bluekai.com/ Name: bku
Value: ikG99myp6VEWPN9z
.bluekai.com/ Name: bkpa
Value: KJhzp1+03M9zQws7iE+F4y0KeUBsOHJi9iiH/JLmCAhnFjxC6OkXIGbqnggI8F4Bq5mqmEMn2qddEK6kWHy1F3gCdo7lhqMRoz2b6oZbbq0wFZX+zMR/xQECjV7cC8T2pqNb2BP1426HC/1N7H64sAaTrxlZVMD/xkl5qo5vUNdmYVFAIwWVSnE0JRtvp1Pzig0AhmVJW9PJ1/XaOQPzIMaV4doSOuAcAS+1kwyLTCwjmjvvAb+IcjBDc1X6uBACvWXuJeeY/gVwm5IdFoYo8YCGJ7qI4G+JhsuKhsZhVDZVk95aU/jJGenQ6Ku2qM+F1H7LV2LNl8DKFKP6mF6j9/pWUzQ=
www.casho.la/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003%22%7D
.betweendigital.com/ Name: dc
Value: lux1
.betweendigital.com/ Name: tuuid
Value: 35b820c5-b7e0-52db-a8c3-b287cc12816b
.betweendigital.com/ Name: ss
Value: 1
.linkedin.com/ Name: bcookie
Value: "v=2&a846803e-652f-46fc-8a19-b3dddffa4a1c"
.linkedin.com/ Name: li_gc
Value: MTswOzE2OTE0MzE5MTY7MjswMjGKUGhTH8A9iw1wL61beFRLoY7ql1XziXGhu48/UOIn4g==
.linkedin.com/ Name: lidc
Value: "b=TGST05:s=T:r=T:a=T:p=T:g=2811:u=1:x=1:i=1691431916:t=1691518316:v=2:sig=AQHtNH35ZUtw_zoDOa0kWGPu16pBFcl1"
.betweendigital.com/ Name: ut
Value: ZNEz7AAOb1A1fOZim4NpTKJTyutRn_MFty0y2w==
.smilewanted.com/ Name: sw_user_params_infos
Value: BUNKxOxIIvFzGNS4lUXL4xoyVbkPg0MKwTf626jSzBHFPC3GkUmvOt9kAPJWzou5ch1ifPbqtu18egjmB0hjOooljQfmY3XmCTodvPTmEYH5NvuAcUS%2B9FdTh%2Fh14y%2B8WhD2Cz6PbjZNmFFJ0KkUx%2FftCG9FTiR9k3Dy54avjArWzBb8tRn29%2BNfvSiQmGtIn3EsGlI3Nxrvv6jBB0OkAFpIm5znHF7Cu95OLsWvUOEZxjtzOYvBc7jqKX17L4x6sW2Q%2FDUiLa0I3%2FCi2J%2FPJwn%2FICUSlSzgwm6lcUyT2Gg%3D
.casho.la/ Name: _ga_VKSM81WPC3
Value: GS1.1.1691431917.1.0.1691431917.0.0.0
.servenobid.com/ Name: pid_321
Value: RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003
www.casho.la/ Name: trc_cookie_storage
Value: taboola%2520global%253Auser-id%3Dd008b7c9-3e0c-4302-8d24-1f1f8501e6d5-tuctbcab96c
.id5-sync.com/ Name: cf
Value:
.id5-sync.com/ Name: cip
Value:
.id5-sync.com/ Name: cnac
Value:
.id5-sync.com/ Name: car
Value:
.id5-sync.com/ Name: gdpr
Value:
.id5-sync.com/ Name: callback
Value:
.adform.net/ Name: C
Value: 1
.quantserve.com/ Name: d
Value: EJ0BEgHTKfijD9r7EA
.pubmatic.com/ Name: KRTBCOOKIE_153
Value: 1923-_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY&KRTB&19420-_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY&KRTB&22979-_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY&KRTB&23403-_ADWDfkH1wvnVYAN-lKfWP4Cgg3nA9QE_QJx9pKY
.adtelligent.com/ Name: a558003
Value: B4052459-A3E1-4FA8-B11E-0B82269C7A1C
.de17a.com/ Name: guid
Value: 1.5959916048236780741
.pubmatic.com/ Name: KRTBCOOKIE_18
Value: 22947-5107433829258782300
.simpli.fi/ Name: suid
Value: E174BB98A6C74CFCA5F8F526A7BFEA3A
.adform.net/ Name: uid
Value: 4253700080408965155
.pubmatic.com/ Name: KRTBCOOKIE_57
Value: 22776-5730477144318325021&KRTB&23339-5730477144318325021
.pubmatic.com/ Name: KRTBCOOKIE_80
Value: 22987-CAESEBWDxylDhhIbGn_qkq-qF0g&KRTB&23025-CAESEBWDxylDhhIbGn_qkq-qF0g&KRTB&23386-CAESEBWDxylDhhIbGn_qkq-qF0g
.pubmatic.com/ Name: KRTBCOOKIE_336
Value: 5844-5959916048236780741
.pubmatic.com/ Name: KRTBCOOKIE_391
Value: 22924-4253700080408965155&KRTB&23263-4253700080408965155&KRTB&23481-4253700080408965155
www.casho.la/ Name: udm_session
Value: 2
.criteo.com/ Name: uid
Value: d94f0ff4-5082-422d-8f59-5263b1908c35
.bing.com/ Name: MUID
Value: 25D8FA5AAF8860B516AEE93CAE2461D8
.c.bing.com/ Name: MR
Value: 0
.c.bing.com/ Name: SRM_B
Value: 25D8FA5AAF8860B516AEE93CAE2461D8
www.casho.la/ Name: udm_session_rad
Value: 1
.c.clarity.ms/ Name: SM
Value: C
.clarity.ms/ Name: MUID
Value: 25D8FA5AAF8860B516AEE93CAE2461D8
.c.clarity.ms/ Name: MR
Value: 0
.c.clarity.ms/ Name: ANONCHK
Value: 0
.casho.la/ Name: cto_bundle
Value: 4R4Bc19EJTJGekxUTTFHVldJR1hNazU3b0V1MEV3QnZ5QkolMkI3NmIyJTJGJTJCMGNQcU9xcVFTZnUxTzl1NDc0NGpVUU1VckYzcEk0SlIxNVV0OTdtJTJCRGhBUWVucGxONlBTSW5EVWppQ1pDS2pzdXRuR1dicDFPdjVWQTNleGlSb2VyRG1LVkpWb1owcjBzOUVXWHlJdyUyQkNDSXBwd3kyeEElM0QlM0Q
.pubmatic.com/ Name: DPSync3
Value: 1692576000%3A201_245_241_235_227_226_219_197
.pubmatic.com/ Name: SyncRTB3
Value: 1692230400%3A63%7C1691971200%3A15_223_2%7C1696550400%3A69%7C1692662400%3A35%7C1693958400%3A203%7C1692576000%3A176_88_204_71_81_8_238_249_220_264_13_54_214_243_21_56_55_166_251_165_99_46_234_233_22_254_161_3
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 5
.pubmatic.com/ Name: pi
Value: 0:4
.audrte.com/ Name: arcki2
Value: ei0yfI2yRqERCmJm5esDbnLXg!20220908!1691431920540!ip#80.255.7.104
.audrte.com/ Name: arcki2_pubmatic
Value: B4052459-A3E1-4FA8-B11E-0B82269C7A1C!20220908!1691431920543
.servenobid.com/ Name: pid_316
Value: B4052459-A3E1-4FA8-B11E-0B82269C7A1C
.onaudience.com/ Name: done_redirects161
Value: 1
.onaudience.com/ Name: done_redirects68
Value: 1
.ads.pubmatic.com/ Name: pubsyncexp
Value: 1691453521125
ads.playground.xyz/ Name: connect.sid
Value: s%3ABHXQbOCZc55KeyYE0j-XpYIjFtwdj4Y2.S6AEo%2BYRil%2FIq5u5syFOc4aK9CuBpBxkuwZ7Em%2BU8x0
.missena.io/ Name: msnapbmcnw
Value: 1
.missena.io/ Name: msnapbmc
Value: B4052459-A3E1-4FA8-B11E-0B82269C7A1C
.csync.loopme.me/ Name: viewer_token
Value: 37729e39-8b40-4dc8-b3f1-fc9bb1e0ac65
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-454fa167-f27e-4cee-bc7e-385eecb31b3a-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.pubmatic.com/ Name: KRTBCOOKIE_1101
Value: 23040-7264644754048153739&KRTB&23369-7264644754048153739
.pubmatic.com/ Name: KRTBCOOKIE_860
Value: 16335-IydNx7KlURJTPKmJnjFL6lD_B2g&KRTB&23334-IydNx7KlURJTPKmJnjFL6lD_B2g&KRTB&23417-IydNx7KlURJTPKmJnjFL6lD_B2g&KRTB&23426-IydNx7KlURJTPKmJnjFL6lD_B2g
.pubmatic.com/ Name: KRTBCOOKIE_22
Value: 14911-7266735936752934681&KRTB&23150-7266735936752934681
.ctnsnet.com/ Name: cid_1404e821a34a42abb0c0f7c460f94f40
Value: 1
.ctnsnet.com/ Name: cid_b5fab4d7448e4e4aa9b3f94412cd4a10
Value: 1
.onaudience.com/ Name: done_redirects147
Value: 1
.adsby.bidtheatre.com/ Name: __kuid
Value: bb1d93db-425b-43fa-9936-fd1cfcd52e63.460645921
.onaudience.com/ Name: cookie
Value: 328034c53ba2eadd
.adx.opera.com/ Name: UID
Value: OPU5380a3a6454e4a5fb1eccdb4fe927548
.taptapnetworks.com/ Name: SONATA_ID
Value: csonata_e7d263b1-30fa-44da-81ce-9af37745264c
.semasio.net/ Name: SEUNCY
Value: 4AA6D5AE4E3C1E97
.onaudience.com/ Name: done_redirects104
Value: 1
.rqtrk.eu/ Name: browser_id
Value: 1:4f944bef-b180-41b6-bae8-366be41ad365
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAA_9vEyGtoZmloYmxoaWhhZGLwC4lvYmhivooFzjcyNDIxPSWOkDc2MTUFAETfqldAAAAA
.bidr.io/ Name: bitoIsSecure
Value: ok
.exelator.com/ Name: EE
Value: "dad5d7eacb4c82271591623a21fe8fb4"
ads.avct.cloud/ Name: uuid
Value: c0778beb-cab4-431b-8c89-03c9253aaa70
.bidr.io/ Name: bito
Value: AAJN3U7JomgAACjQXusM1g
.pubmatic.com/ Name: KRTBCOOKIE_466
Value: 16530-affb49e9-0cc2-4344-98f0-bafc04e15f9c
.exelator.com/ Name: ud
Value: "eJxrXxzq6XKLQSElMcU0xTw1MTnJJNnCyMjc0NTS0MzIONHIMC3VIi3JZHFZatGCpaXFqSlJh5ZU5JTkNK0uiw91jHdz9PX0iVzmnFGUn5u6AiwU5hq02NDQdEl%252BUWb6IhfXxUUpaQyLSopPBR95MRMAyGArNQ%253D%253D"
.pubmatic.com/ Name: KRTBCOOKIE_1305
Value: 23408-B4052459-A3E1-4FA8-B11E-0B82269C7A1C&KRTB&23413-B4052459-A3E1-4FA8-B11E-0B82269C7A1C&KRTB&23479-B4052459-A3E1-4FA8-B11E-0B82269C7A1C&KRTB&23505-B4052459-A3E1-4FA8-B11E-0B82269C7A1C
.adtelligent.com/ Name: a281178
Value: B4052459-A3E1-4FA8-B11E-0B82269C7A1C
.onaudience.com/ Name: done_redirects219
Value: 1
.gammaplatform.com/ Name: _aGeoIp
Value: TH|Bangkok
.smartadserver.com/ Name: csync
Value: 66:096922040378bc1b4ec1b12f|92:ZDXVYrqtkN5A|117:f98f03a63ac7d4d615f6bb042ec2d483|127:AAJN3U7JomgAACjQXusM1g
.pubmatic.com/ Name: KRTBCOOKIE_409
Value: 22966-NrGB8F9IYXSaYWjVYhgXngQQ
.tribalfusion.com/ Name: ANON_ID
Value: aintuJt3er66AxvPBQpBowm6bbZaHYtaltPpZbaLuTM33ajZaTtZbFwUJTOGqBIZdqARJ3ZcglZc8g2wQXEZb2UV8MD5E6Ed
.zeotap.com/ Name: zsc
Value: %10%A0%C1%24%14%605%93%C2S%A65%EB%BA%F7M%A9%AF%FA%CF%D9%C2q%DDR%80%E7A%3AH%2F%B4%BA%04%BDBI%0E%F5%1E%EF%92%A9O%2C%B7%09%7FV%09%1DU%A3%173%F4%15%07%EBr%FD%89%FB6%1E%AD%02%D8+%8C%A7%9E%B7%BE%D0%7C%2B%17%F6I%BC%A9v%9FE%07%D6%BC%2A%CF%CD%80%87%90%BAQ%E6%B3%8A%A97%DB-xU%D0%90q%A8N%11%8E%A0%E9M%A3%07-%830%CA%CF%2B%0E%2B%8B%1B%B3%EB%40%E7%B9%13%E1%40%EF%5ES%E23%05R%87%90Z%3F%8F%B5%13%8C%AA%CDTa%13y%E7%1F%A5%F5%DBl%9Ax%B7%AB%CAv%FCP%98-%FF
.gammaplatform.com/ Name: _aUID
Value: pt721hksi1jt
.pubmatic.com/ Name: KRTBCOOKIE_1310
Value: 23431-pt721hksi1jt&KRTB&23446-pt721hksi1jt&KRTB&23465-pt721hksi1jt
www.casho.la/ Name: udm_iframeSyncStatus
Value: synced
.pubmatic.com/ Name: KRTBCOOKIE_699
Value: 22727-AAJN3U7JomgAACjQXusM1g
.pubmatic.com/ Name: PugT
Value: 1691431921
.audrte.com/ Name: arcki2_ddp2
Value: ei0yfI2yRqERCmJm5esDbnLXg!20220908!1691431921464
www.casho.la/ Name: pbjs-unifiedid
Value: %7B%22TDID_LOOKUP%22%3A%22FALSE%22%2C%22TDID_CREATED_AT%22%3A%222023-08-07T18%3A12%3A02%22%7D
.audrte.com/ Name: arcki2_adform
Value: 4253700080408965155!20220908!1691431922577
.pubmatic.com/ Name: SPugT
Value: 1691431922
www.casho.la/ Name: TAPAD
Value: %7B%22id%22%3A%22276b5e6d-3821-4285-bf7d-561a0439aafb%22%7D
www.casho.la/ Name: _dd_s
Value: logs=1&id=1037e529-8d53-4824-a89f-8f371076adbf&created=1691431911584&expire=1691432811584

51 Console Messages

Source Level URL
Text
security warning
Message:
Error with Permissions-Policy header: Origin trial controlled feature not enabled: 'unload'.
network error URL: https://www.casho.la/wp-content/themes/zoxpress-child/font-awesome/css/all.css?ver=6.2.2
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://www.casho.la/trending/assets/custom-script.js
Message:
Failed to load resource: the server responded with a status of 403 ()
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://api.rlcdn.com/api/identity?pid=2&rt=envelope
Message:
Failed to load resource: the server responded with a status of 451 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&v=3' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://as-sec.casalemedia.com/headerstats?s=340102&u=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F&v=3
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://bid.underdog.media/udm-r3_v2.21.3.js(Line 4)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://ex.ingage.tech/v1/syncPage/aniview?to=https%3A%2F%2Fsync.aniview.com%2Fcookiesyncendpoint%3Fauid%3D1691431911851-973536490909-001235-006-009438%26biddername%3D155%26pid%3D5d8ccec528a0617cae5a0755%26key%3DINSTUID
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://u-ams03.e-planning.net/um?uid=&dc=b337141cfdc8cf59&fi=c1ab0a3ba8e76a50
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=f6444ad7-dcbb-43a3-6164-527de0307f44&axd_pid=175
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Message:
Failed to load resource: the server responded with a status of 404 ()
security error URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Message:
Refused to execute script from 'https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361' because its MIME type ('text/plain') is not executable, and strict MIME type checking is enabled.
network error URL: https://sync.admanmedia.com/pbs.gif?redir=https%3A%2F%2Fu-ams03.e-planning.net%2Fum%3Fdc%3D9937b3fd6e9a979a%26fi%3Dc1ab0a3ba8e76a50%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://sync.admanmedia.com/pbs.gif?gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D328%26uid%3D%5BUID%5D
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://tags.bluekai.com/site/87734?id=f6444ad7-dcbb-43a3-6164-527de0307f44&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=f6444ad7-dcbb-43a3-6164-527de0307f44&reqId=38fda47c-e072-408c-557d-1c1a7fcc7962&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 ()
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
network error URL: https://sync.crwdcntrl.net/qmap?c=240&tp=PUBM&tpid=B4052459-A3E1-4FA8-B11E-0B82269C7A1C&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 404 ()
security warning URL: https://bid.underdog.media/udm-r3_v2.21.3.js(Line 4)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
security warning URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js(Line 472)
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.
other warning URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Message:
Allow attribute will take precedence over 'allowfullscreen'.
network error URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Message:
Failed to load resource: the server responded with a status of 401 (Unauthorized)
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://kvt.sddan.com/api/v1/public/p/29567/d/50/s?callback=&gdpr=&gdpr_consent=&url=https%3A%2F%2Fwww.casho.la%2Fjoe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon%2F
Message:
Failed to load resource: net::ERR_FAILED
javascript error URL: https://www.casho.la/joe-biden-hints-a-potential-tax-hike-on-oil-companies-very-soon/
Message:
Access to XMLHttpRequest at 'https://prebid.smilewanted.com/' from origin 'https://www.casho.la' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://prebid.smilewanted.com/
Message:
Failed to load resource: net::ERR_FAILED
security warning URL: https://d1oykxszdrgjgl.cloudfront.net/script.js
Message:
An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can escape its sandboxing.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.ad.gt
a.audrte.com
a.teads.tv
a.tribalfusion.com
aa.agkn.com
aax-eu.amazon-adsystem.com
aax.amazon-adsystem.com
acdn.adnxs-simple.com
acdn.adnxs.com
ad-delivery.net
ad.360yield.com
ad.doubleclick.net
ad.mrtnsvr.com
ad.turn.com
ad.yieldlab.net
ad4m.at
ads.avct.cloud
ads.betweendigital.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.stickyadstv.com
ads.themoneytizer.com
ads.us.e-planning.net
ads.viralize.tv
adservice.google.com
adtrack.adleadevent.com
adx.adform.net
ajax.googleapis.com
am-trc-events.taboola.com
amer.hhkld.com
ams3-ib.adnxs.com
ap.lijit.com
apex.go.sonobi.com
api-player.globalsun.io
api.btloader.com
api.rlcdn.com
as-sec.casalemedia.com
at.teads.tv
ats.rlcdn.com
audit-tcfv2.cmp.quantcast.com
b1h.zemanta.com
b1sync.zemanta.com
bcp.crwdcntrl.net
beacon.krxd.net
bh.contextweb.com
bid.missena.io
bid.underdog.media
bidder.criteo.com
bn01.er.bemail.it
bqstreamer.com
btloader.com
bucket1.mm-syringe.com
c.amazon-adsystem.com
c.bing.com
c.clarity.ms
c.tmyzer.com
c1.adform.net
c2shb.ssp.yahoo.com
casho.la
cdn.adnxs.com
cdn.globalsun.io
cdn.hadronid.net
cdn.id5-sync.com
cdn.mmctsvc.com
cdn.ravenjs.com
cdn.resonate.com
cdn.syndication.twimg.com
cdn.taboola.com
cdn.unblockia.com
cdn.unibotscdn.com
cdn.vidcrunch.com
cdnjs.cloudflare.com
cds.taboola.com
ce.lijit.com
ced-ns.sascdn.com
ced.sascdn.com
cm-supply-web.gammaplatform.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cmp.quantcast.com
cms.analytics.yahoo.com
cms.quantserve.com
connect.facebook.net
content.voltaxservices.io
content.wazimo.com
content1.avplayer.com
contextual.media.net
cookies.nextmillmedia.com
core.iprom.net
cr.frontend.weborama.fr
creativecdn.com
cs-rtb.minutemedia-prebid.com
cs-server-s2s.yellowblue.io
cs.admanmedia.com
csi.gstatic.com
csync-eu.smartadserver.com
csync-global.smartadserver.com
csync.loopme.me
csync.smartadserver.com
csync.smilewanted.com
d1oykxszdrgjgl.cloudfront.net
d280h7aj1u7b0w.cloudfront.net
d29xw9s9x32j3w.cloudfront.net
d2na2p72vtqyok.cloudfront.net
d2zur9cc2gf1tx.cloudfront.net
d5p.de17a.com
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
drm.mmvideosvc.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dt.adsafeprotected.com
eb2.3lift.com
edge.udmserve.net
embed.sendtonews.com
embedcdn.sendtonews.com
euexchangesync.digitaleast.mobi
eus.rubiconproject.com
event.insticator.com
ex.ingage.tech
factor-service.prod.voltaxservices.io
fastlane.rubiconproject.com
feed.avplayer.com
feed.pghub.io
fonts.googleapis.com
fonts.gstatic.com
fundingchoicesmessages.google.com
g2.gumgum.com
geo.privacymanager.io
ghb.adtelligent.com
ghb.hb.selectmedia.asia
ghb1.adtelligent.com
go1.aniview.com
green.erne.co
gum.criteo.com
hb-api.omnitagjs.com
hb.undertone.com
hb.vntsm.com
hb.vntsm.io
hblg.media.net
hbopenbid.pubmatic.com
hbx.media.net
hhkld.com
htlb.casalemedia.com
i.clean.gg
i.e-planning.net
i.vimeocdn.com
ib.adnxs-simple.com
ib.adnxs.com
ic.tynt.com
ice.360yield.com
id.crwdcntrl.net
id.hadron.ad.gt
id.sv.rkdms.com
id5-sync.com
idsync.frontend.weborama.fr
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
image8.pubmatic.com
images.taboola.com
imasdk.googleapis.com
injections.mmvideocdn.com
insticator-d.openx.net
ipac.ctnsnet.com
js-sec.indexww.com
kvt.sddan.com
lb.eu-1-id5-sync.com
lexicon.33across.com
lf16-tiktok-web.ttwstatic.com
lg3.media.net
loada.exelator.com
loader.unblockia.com
loadeu.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
match.prod.bidr.io
match.sharethrough.com
matching.truffle.bid
monetize-static.viralize.tv
mp.4dex.io
mug.criteo.com
mwzeom.zeotap.com
newsbot.unibots.in
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
odr.mookie1.com
onetag-sys.com
p.cpx.to
p.rfihub.com
pagead2.googlesyndication.com
pbjs.e-planning.net
pbs.twimg.com
pghub.io
pips.taboola.com
pixel-eu.onaudience.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel-us-east.rubiconproject.com
pixel-us-west.rubiconproject.com
pixel.adsafeprotected.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
platform.instagram.com
platform.twitter.com
player.adtelligent.com
player.aniview.com
player.avplayer.com
player.globalsun.io
player.hb.selectmedia.asia
player.sendtonews.com
pm.w55c.net
polyfill.io
powerad.ai
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid-us.creativecdn.com
prebid.a-mo.net
prebid.smilewanted.com
prg.smartadserver.com
proc.ad.cpe.dotomi.com
pubads.g.doubleclick.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
q.clarity.ms
qsearch-a.akamaihd.net
region1.google-analytics.com
resources.infolinks.com
router.infolinks.com
rt3029.infolinks.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rtb.openx.net
rules.quantcount.com
s.adtelligent.com
s.amazon-adsystem.com
s.cpx.to
s.e-planning.net
s.tribalfusion.com
s0.2mdn.net
s2l.sendtonews.com
s2s.aniview.com
sb.scorecardresearch.com
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
serv-selectmedia.com
serv.vidcrunch.com
service.bidlab.ai
servt.vidcrunch.com
shb.richaudience.com
simage2.pubmatic.com
simage4.pubmatic.com
sm1.selectmedia.asia
sonata-notifications.taptapnetworks.com
spl.zeotap.com
ssbsync.smartadserver.com
ssc-cms.33across.com
ssc.33across.com
ssp.disqus.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stags.bluekai.com
static.adsafeprotected.com
static.criteo.net
static.smilewanted.com
stats.g.doubleclick.net
stats.systems
stream.unibotscdn.com
sync-tm.everesttech.net
sync.1rx.io
sync.adkernel.com
sync.admanmedia.com
sync.adotmob.com
sync.adtelligent.com
sync.crwdcntrl.net
sync.e-planning.net
sync.go.sonobi.com
sync.ipredictive.com
sync.missena.io
sync.outbrain.com
sync.richaudience.com
sync.smartadserver.com
sync.srv.stackadapt.com
sync.targeting.unrulymedia.com
sync.technoratimedia.com
sync.tidaltv.com
syndication.twitter.com
t.adx.opera.com
t.unblockia.com
tag.leadplace.fr
tags.bluekai.com
tags.crwdcntrl.net
targeting.unrulymedia.com
test.cmp.quantcast.com
tg.socdm.com
tg1.vidcrunch.com
tinyurl.win
tlx.3lift.com
token.rubiconproject.com
track-selectmedia.com
track.venatusmedia.com
track1.aniview.com
trc.taboola.com
u-ams03.e-planning.net
u.ipw.metadsp.co.uk
u.openx.net
udmserve.net
uipglob.semasio.net
um.simpli.fi
ums.acuityplatform.com
underdogmedia-d.openx.net
unibots.b-cdn.net
ups.analytics.yahoo.com
us-u.openx.net
us.ck-ie.com
use.fontawesome.com
usermatch.krxd.net
usersync.gumgum.com
venatusmedia-d.openx.net
video-ads.rubiconproject.com
visitor.omnitagjs.com
vms-players.minutemediaservices.com
warp.media.net
ws.rqtrk.eu
ww1097.smartadserver.com
www.casho.la
www.clarity.ms
www.datadoghq-browser-agent.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.instagram.com
www.oo-syringe.com
www.tiktok.com
www8.smartadserver.com
x.bidswitch.net
ads.viralize.tv
apex.go.sonobi.com
as-sec.casalemedia.com
csi.gstatic.com
ib.adnxs-simple.com
kvt.sddan.com
lexicon.33across.com
pagead2.googlesyndication.com
prebid.smilewanted.com
prg.smartadserver.com
script.4dex.io
t.adx.opera.com
104.122.24.29
104.18.10.47
104.18.12.242
104.18.25.185
104.244.42.136
104.75.89.75
108.128.97.117
108.138.17.31
108.138.7.113
124.146.153.160
13.224.103.113
13.224.103.29
13.225.83.103
130.211.23.194
141.226.224.32
141.226.228.48
141.94.171.212
141.94.171.216
141.94.202.176
141.94.240.143
141.95.32.69
141.95.98.64
142.250.186.66
145.239.193.51
146.75.122.109
147.75.84.158
15.197.193.217
151.1.205.165
151.101.193.44
151.101.66.49
154.59.122.79
162.19.138.117
162.55.120.196
162.55.233.28
172.105.43.230
172.66.41.9
172.66.42.247
172.67.10.198
178.250.7.11
178.250.7.13
18.158.157.188
18.165.183.122
18.165.183.14
18.165.183.81
18.165.191.236
18.184.249.152
18.193.126.37
18.198.126.47
18.198.127.193
18.198.80.207
18.200.218.194
18.205.77.144
18.66.112.120
18.66.147.48
18.66.97.62
184.30.24.22
184.86.251.88
185.15.245.83
185.183.112.148
185.184.10.30
185.184.8.90
185.239.173.210
185.255.84.151
185.255.84.152
185.64.189.112
185.64.190.80
185.64.190.81
185.64.191.210
185.80.39.216
185.83.69.58
185.86.138.122
185.86.138.151
185.86.138.152
185.86.138.155
185.89.210.90
185.89.211.84
188.42.196.115
193.0.160.131
193.3.178.2
193.3.178.3
193.3.178.4
195.5.165.20
198.47.127.18
198.47.127.19
2.16.164.91
2.21.20.140
2.23.197.190
20.231.53.73
2001:4860:4802:34::36
205.234.175.175
208.93.169.131
212.82.100.182
213.155.156.164
216.52.2.16
216.52.2.86
216.58.212.166
23.201.255.110
23.209.22.22
23.212.88.20
23.212.89.194
23.227.139.243
23.227.151.202
23.32.184.192
23.48.23.144
23.88.17.186
2400:52e0:1e00::1047:1
2400:52e0:1e00::1053:1
2400:52e0:1e00::1079:1
2400:52e0:1e00::1080:1
2600:1f13:800:7781:1be6:f1b0:79a9:85e7
2600:1f18:6593:f600:4cde:8aa:915a:85c4
2600:9000:2057:fe00:0:1651:6140:21
2600:9000:20eb:ea00:19:4ac0:c3c0:93a1
2600:9000:214f:1000:3:64bd:d2c0:93a1
2600:9000:214f:2000:3:64bd:d2c0:93a1
2600:9000:2190:8c00:9:46dc:4700:93a1
2600:9000:223f:e800:1f:4c18:bd40:93a1
2600:9000:2490:b200:2:aa19:6400:21
2600:9000:25a2:1600:8:48e:53c0:93a1
2600:9000:25a2:1c00:5:c4ab:c3c0:93a1
2600:9000:25a2:2e00:12:abfb:9280:93a1
2600:9000:25a2:2e00:1:96ec:5bc0:93a1
2600:9000:25a2:3000:10:be65:1fc0:93a1
2600:9000:25a2:8a00:12:abfb:9280:93a1
2600:9000:25a2:b400:6:44e3:f8c0:93a1
2600:9000:25a2:ba00:3:a4cd:8380:93a1
2600:9000:25a2:d800:1a:7b6f:2940:93a1
2600:9000:25a2:e600:2:4149:df00:93a1
2600:9000:25a2:fa00:1a:eb05:4900:93a1
2602:803:c003:200::44
2603:c020:400d:3000:7130:bb0b:d7e:bee2
2606:2800:134:fa2:1627:1fe:edb:1665
2606:2800:234:46c:e8b:1e2f:2bd:694
2606:4700:10::6816:1857
2606:4700:10::6816:445
2606:4700:10::ac43:17ea
2606:4700:10::ac43:246e
2606:4700:10::ac43:2483
2606:4700:10::ac43:266a
2606:4700:10::ac43:2954
2606:4700:20::681a:346
2606:4700:20::681a:450
2606:4700:20::681a:78b
2606:4700:20::681a:bd1
2606:4700:20::681a:d43
2606:4700:20::ac43:4728
2606:4700:20::ac43:4bf1
2606:4700:3030::ac43:dfab
2606:4700:3037::6815:48a7
2606:4700::6811:190e
2606:4700::6812:19ad
2606:4700::6812:272
2606:4700:e0::ac40:660b
2620:116:800d:21:ef75:8280:f209:5ba1
2620:1ec:21::14
2620:1ec:46::60
2620:1ec:c11::200
2a00:1450:4001:806::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2003
2a00:1450:4001:82b::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:82f::200a
2a00:1450:4001:830::2002
2a00:1450:4001:830::200a
2a00:1450:4008:807::2003
2a00:1450:400c:c00::9a
2a02:2638:3::3
2a02:2638:d::a
2a02:2638:d::d
2a02:26f0:3500:2be::2c79
2a02:26f0:3500:3::b818:4d30
2a02:26f0:3500:3::b818:4d3d
2a02:26f0:3500:3::b818:4d48
2a02:26f0:480:25::1726:622b
2a02:26f0:480:f::213:7ed1
2a02:26f0:780::5f65:3678
2a02:6ea0:c700::18
2a02:6ea0:c700::19
2a02:fa8:8806:13::1460
2a02:fa8:8806:20::2010
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f276:d2:face:b00c:0:43fe
2a03:2880:f276:e8:face:b00c:0:4420
2a04:4e42:400::729
2a04:4e42::300
2a04:4e42:a00::282
2a05:d018:24:b001:fe02:48a4:8f13:7b81
2a05:d018:d29:3602:f6b8:ac9f:b43d:cf2a
2a06:98c1:3121::3
3.120.19.63
3.215.3.149
3.64.52.102
3.71.149.231
34.102.163.6
34.102.243.38
34.102.253.54
34.107.214.50
34.111.113.62
34.111.129.221
34.111.131.239
34.117.33.6
34.120.133.55
34.149.20.76
34.160.236.64
34.194.30.69
34.195.119.133
34.197.9.3
34.230.93.188
34.242.166.215
34.254.143.3
34.91.62.186
34.95.69.49
34.95.81.168
35.156.39.179
35.157.246.167
35.186.193.173
35.186.238.232
35.186.253.211
35.210.239.72
35.214.196.82
35.241.45.217
35.244.159.8
37.157.3.20
38.91.45.7
44.195.175.110
44.214.13.119
44.215.235.22
45.133.44.3
45.133.44.4
45.77.37.165
46.228.164.11
46.228.174.115
46.228.174.117
5.135.209.96
5.135.209.97
50.31.142.191
51.38.120.206
52.0.248.85
52.206.242.72
52.208.148.0
52.210.15.1
52.210.82.246
52.220.229.2
52.222.208.154
52.23.97.211
52.31.139.111
52.31.154.19
52.46.130.91
52.48.249.243
52.49.58.171
52.57.252.119
52.6.230.110
52.94.222.140
54.194.114.76
54.211.96.115
54.247.118.8
54.38.64.100
54.72.30.63
54.77.46.237
54.90.59.157
62.149.23.112
63.34.143.222
63.35.76.22
64.202.112.127
64.227.64.62
65.9.66.97
65.9.7.64
67.202.105.21
67.202.105.33
68.219.88.97
68.71.249.118
68.71.249.120
69.16.175.10
69.166.1.12
69.166.1.8
69.173.144.137
69.173.144.138
69.173.144.139
69.173.144.165
69.192.160.186
69.192.161.76
72.251.241.196
76.223.111.18
77.243.51.121
77.245.57.72
8.2.108.106
8.2.108.194
8.2.110.24
8.238.30.250
8.39.36.141
8.43.72.97
80.77.87.163
82.145.213.8
85.114.159.93
88.221.169.246
88.221.169.49
95.101.54.123
98.98.134.241
98.98.134.242
99.81.161.232
99.81.36.106
005c3133bf387e1b00a5ec25effc468f7752591adac19a3782d200bf68a970f0
00df7890e16d45dab1d62c423553a27d2b3fc37d4ab3b7a98ff2a7bff7d6f539
0177f9b2f92aca742f803048121c07525f10b4e4c34bbef3828dcefad69064b1
019fb4fc54a92b4315c07c77c7899f58f932b5c84b9d151fb5b273d9bb0f3e66
01c3a025b0c8fb03bc17b1bfb5d0e40ff081556e844abfb19044728a9fa1310a
01c9f493b0db5fdbf24f23861ac685955865fcb60ee346c6f0274cfda17ed276
01ceac19d4db649328dab8cb759c7bcba6e3ca9f3605723bc0fdd80c1c4d2c2e
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
023cf8b8a67fe94bcef10d2a02505f939fe00978a20638cc40de1d7842b3521c
02587860036008e67522b434daebbb32422476ba6454c6f31816951ebeade07b
034459651dfe7dd9d35633ce1e7da053b4b385a896edfadb4998c34d929fbf8c
0391042e0e111437f4a2dec7560098dbcc04b68df753281b207b3c956430c89c
03bdc578df22c63b243c4f3e898dd7d083c65b24205260541b0abc072cc38e5a
03e0c4412adbba31e11bf80f1677f178f072a8da0f63ac904638c88a5a51b287
0408a7735a7c8494c5fe2c0b852aeaccaa6a533f30622a4aa68ad6434e2e481f
043f529c0577388ad89a0f91d6fc6d7c0a471912cab404b02d02cdce303a0cb5
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
0597ab745938c4a2cc0818fc2447beb211629e484fed0b4143bdd6fa5724be61
05dbc51654b96590d176c27efbcef2cf4ac0497499a9f28b731b73eea399070c
05e37ee5edccae942d9f7e506e9aea2908a87b10e852a598817bafc449f7fd77
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06e5f610688549c5a9568a7b86890f008bff187d18b1d4263f6df69fb4ccd578
0775574929b1d066d07ee7190421c4665a43d32e78252ad0cd56c69c33d393fe
07a489999c001495c859dc7db0a16c63e02a3c3a7cd2827d942d53372491fec7
081ea4c13b54ffd6e3f4c5f2ee3a1665ac4b6dc3187d13ded3f3b9d3a9803022
09222eae69ca77461b6fe3567991dfa3d371fa4f1b061da3dc3828e7233231e5
09343d3b3473e1c994b2d603c99feb8a0f63fbd3ff20be7432ff18b973dbe651
0937140627df60ef2b3fb454f37d12e470769d5ad4068bac777985aa69805ea6
097421709739a12afd21bde2ce7d15857f7baeda2dce7479ef3bdcf7a302ef4a
0978ce95f8aea87c48a8ebcf5127fbd78847f9d79caa84e4ff876752b4249a3d
0b73551c88d4f5b0cc444200144cd27f03b964ede84adeaed07eadfd2cad9d28
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9e3146908391fc165a5c5bb6d556d33f66fd00f5bf0ab7cc2afed2836bc07d
0c1ce1aa8e07e9cd49cd881147c0495b5c636dab10ab1c30ceb935b74a8c0ecd
0c46d3b5218424bc0cb4c868abfc21fbcee6fab184289a77928bce49ac3d5ba8
0c85f03ee7ffd8a409d628d4b368b63454b8f70fd43c2747f88f41df5dbc23f3
0cf8fc27b2aad322fe040dbdd518952b047a00b50449782f8646c3276b8b77aa
0dc6bf76600e02e1d516f92dc100d66e56ca3b45a24cac0277bf35bd21edc090
0e095301796ba62323ebe679af07188d4d889ad85040c1e4dc3613f8aab876ab
0e53c57c02bc1893290ace288f875fb7f24ecd07008077da5e9751f51040907e
0ec4468370648181b336d860a72523f2297abcb011db94b197e9fe22274f6aac
0f8cc5ca5c6cd36363867d264da5ea73e8f966c627cd6d6b07a3c8037210eb62
101e567d6d749072d52d632bd5b39897278fa4ce9fa7750d57fc892ba842499f
115e80ae38a9ca9fa929074866c80133cf841928cb21ae783e86ea756e03f5e2
115f6a626ca115d4ad5581b59275327e0e860b30330a52b0f785561332dd2429
11b2088deff6ac044087d2ef9e23453bc600e5e505f5cca9bd62a4cfe6d11a74
11ec04e3948e25a0d78d2f77c04940b8e38a086624ec36fa4605a2a69b133e94
134491a9bf8a5da500d3cfa94fe4b86ab1795347d9f4784d398cb97c74a85043
134585e07c76bc75c0b03610f5ab17a2b791ccca69fed16fa0b5bc1bd6bfb578
13788b39504e716aff3525330ed3f9ffbc156dfad9728207fdb9825d11eb6e68
1385230372819d6d949d54655a95aca4e71a720f779fc8238796dc839c0d22ed
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
16b018c3726370f880955556dfceb109925a7e2f719eedff6e5483a4526c7608
170542634de00e486dffd3600325e2e69fb06a41c1bd54566c58a7d098bf6762
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
189b8ed64093b12937354b2ef71ccf1df59690d90432241a10fe1cb25000acba
1973a520ed99fb012d8ced4fae38ee23741dc04609c4510124423bd19dcdb5fe
19d462753622cb54a31c01de3fe6962c477f3818f8fc5b748501380f03216c68
1b92260a400bea230772ccfff1953fbe65deeb30da1a8aa146342d20833f24ff
1cc6de1a4f6a561a6aa75d08bae33388b2e8905d01753aa41e4886a466d7c28c
1cd0aa1ce370d6b57ef4ed20b1d444f64c5b50de517fb62aa86bdf9d67a12371
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1deca4e145217e2d433ffda61dcf72b357c597e77c07c6cf68a668841934a713
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1feb79de0dc55cd770e59b9f62f34da85a3f522f7b06c415218ecbb4df7f9686
203cb1741183a16bc13973efbc3192fe59dc63a2b8f47ea83ae9eba220c87184
21cfed7eb47b3b9d993cf5a71b4feb6e45c17a34e5355f197deb015ff7d877f2
221e69003af87e6e8f934828ab416477126f3c062500e3bcb636bb9d87bf9b06
22ddd46d06aa456269600fbfe8f18c34ee968b857d1bd1752d31697e73d0970f
240f4b24556b4dc7b2b149c5e523d7816589b3b42c04d8acb86e882cd895c110
24cb9d7dfaceaa25230f3bcee6159c5142c268287208a2a828e0be4f733c1fb8
25345c6a3e4ea39d186b6b47a930fbb4af45ba036948a90f0d73ddb28543ecd9
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
25d8490844168352ee5529025f56d57c43100ecac86f486be3e3e5a7173a38e0
266bcea0bb58b26aa5b16c5aee60d22ccc1ae9d67daeb21db6bad56119c3447d
27961ab8c37cddad89230364167c048c6377a80e38542a5ffbca600faf4098ea
27df41a622e2878aa94077bc3feacce6960f86d938d28032b33482c6964effea
2895e5ed5c744e60706d7b9ca2659c79555abd6a8a876b547b82bb89299fc6a3
291f515583a6c387346d142caed7efda8f0630866c7fc9d0f026fd95aed50081
29ac6868c6f323f34418933683b2496a3274059f44f5909df6be3e4c10b1f428
2a354649f57a81405daccfd6b5785da5f73ba638f2db591992cb7b739dac3135
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2ac194d6713ab93b6db5a93acd42bdd04893c76ebe404eced269e696fd25d20a
2b4533ec5aec934be2ae10b698a5e00d83831e37d8231f9897a0770aee8809c5
2ba6e3077a30bc1be85a169b3635968baa0c225631a3d72cf35616ffccb29d73
2c3a2395f5bd4bc2ccd45e6c78cdcda016d80c84f378ef4bfafc73f27aa06017
2c9b17615d0869e2a0e241f70a757e7160ab0df9bebef21bf4f1cbc15e83f9ae
2cd8109d50ec7e7d6582053710b6c8e50e6f3bb66144c4d6f232e85123752e76
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
3073de612585b22c6a0468628ffbc95951dea16f36cf4fcfa2fb9955bcb64548
308828e4dac643d094958767d331361a1e795580943554f39f0bd8ad782808ae
309607d9c753cb6d5a21a6f4b04ee5b539257fb4fbdd12bc4a2e240eb05301da
30e803abeaebdfe344b4c2ab06dac344d5e9ca947cfd73c9dc5d97061b1e622b
314239c0951006468f0c6db2d927690ce7f623ce86544796a5aeea93e36c7456
3195d8e7194c7c0cf90c2377a6f6825244b5fc26c8c342f5cfa2a3a876468643
31b45c462302ac175bfa43f9e5591491db780ca094f6ecdd2907f25ad578448d
31da5e757bab8cb5b1cc78448018950d02f2ac5c4fd97bfc7ce67f31eeb8428c
32f13b82c3a29f0a81f283519fdff7befd91bf2d810bd4eb929c32a0b86c5440
3477fa3f9c82987e8ed7b37da7352b41ed88f4a7a01b4754f8cc4a31e455cf34
35347a100232409b89ee158c56720b5ebf3665a47b26bdac97cf99077fbdbb8b
3610e0e316ea7de842a7e924d11d705ab75906abcdaa0c79f42fbd5cb1802691
36450a92fe687195cf33d0a8098dce473f832a07144be0d5e532293341c296d2
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37d216fb94deeb991226ff72c80fe650495c62c483d95cd5e3c7fff622f623fc
37da4f4e9645bcde259d1669db9d2548d9ff4f80e72bbe405232924129ae4db7
3817329b2b0306df1b2adbc5b0def56d41ca48ee151a09fc0fa6a919ff42035b
38d35cbc5b832e7d8ee709041dcf0bf7111a865069d0461a298a7d9b01682112
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3988c48553d20e45c8077af08f6c5349ed3876d898c618e6eeb06937e9514260
39ba9a323ddcb12da804bf4c7ffad66c4d43029810278fc909936d924dab16bf
3a0728ad59948b915d36817449cb4d72ca83be5fcab2f8ce4f3ddd6884d9cf41
3b3ed4b191fdd529075b8e099f5daefd684e80acd4c9514a70b6ad746e949544
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3b7f1a6aeceeb60c709478e55147a48f4031ac6617b3ab089210f1f1f59b7204
3b8cb670b8eb79c32a42d775b6ecd4ddf43e2eedb5a3151828eaf8be1f2b3e14
3c4a40376ae1f8018ab31ce27010176d393d2d91c3e538db9b40ab9362a35415
3ca36038086d2ffbe06769f5d64679d6b3d967fba30a892bfde1ae50934591a4
3d3fff4a210d791bfd98347f39cf241cacfdbb3602b3319c6820c5a4160d8b5c
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dc143ee1d016fa8c111003fc79c9f64a73a36a496685459fd0d97ee84ff5b24
3e7d49f24d56db02c7baca8ae3a17555c2e527571450e8c24c77b453407e267a
3ea555c1e979c28e1d20d729c64ff36b267b83dcabdefe96460d9ae860e4082f
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
403205d0a016454706357a3324a6d7b6b1feef3df33abb94d6059c1c4424ba0a
41514feeb38f4f3d0fcc41d00d04c744e0e534930b030ca6efc0eedb892022ea
41f27ae2609d4549c2d6f24e957b88addceb46ae5353175f040c73a97dc89cac
4240f5f1567668c90d34aaf10dcd7d3212e51354e17d713116673285fd95f15d
42656c5a534309426b3c5452b07c4013df29165e754e36e51d724ad962bebc1f
4271064a37f3ffc0aac5f3806db8a72acc23e19447d1804e4e80d8796cbf6330
4279683b1b25769be172b58123bc6468b2e7ec34deadc0730a3f5d2a249f9394
42cab56dd4465e77898e29ece8fe8666f9f87c7dd9bd8d8b3d04acfa29df5c03
42e2459cc3695823eb776a61c5db7635f85baef2eb5b34be824ceaf62d41ae5d
42f8505b4b6d5476091672c8ebc27d1ed2b9d21a68890145135578a6737ef053
4303af4b039a582af5ccabd4d2a66a8ea5fc8ee122d21850192876bd4ab421a3
432af925fe0914739b9f31b8ac74eebeb26321b8cbef1e2884bdbac10b2842cd
43f804d38a294c6df1ce8ee64fb95ad0ff5a8d6d5685d9537df02212668a1dff
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
44186b3e1d7fc7e4c38cccb003bc13e1757665660406b166a6b64771df8874ca
44934c324768f6502930dcd0e56b7bcbb2eaf42925cbbc6005aa7b9ca0d9538f
44f58eeac0397dffe348919631f5da7e80e4065a61ca42dae6aa9963f254698c
45cd14915c5bccdb6b314c99d357229acb52abed61b21f037eb61dc5c41e8523
46621e3e8ea3951414e12c75438ac3f320b7f7f65ea8bd9effb837af959c4d9e
4672b37f99a355152ea5257ba3187597fb9a12fb33a06492131461f469f5dd09
46a9498a256ffb13b195540b7b5918c9830333f170f3f61ba8041a305996406b
47000d25caecf0d921badd9109d9211e5dde6dc3178f03066f69337ef72f6420
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
495ca7f9045fada5b773333cb5ca9e163e87c2162b290b722af4239f4244c294
49aba4768cafaa9b64d8626e2cc5ff2b5df75b7975f74bbd20f388febf968277
4a842d3295b35d0fdbaed094d22f5926f2bcaa2d892ec7ea9a9a89c1f84b33bf
4ae11c22309d6edf6d127ec84179d8879329ae0d413164d729cc778f016f4f04
4b2e4c76593f35546a43058aaea6edf1ad7ecd5bda38584d2cad1d94769737a9
4b56c73fc679df3678714fc5f2b472950c698f4ddcc76de9f67be729cd4e14e5
4b6825f49ba2b9c5e73dd794e4fd78043ce2c82a6634a9d8850fd56a1a754c1b
4bf7264f30deeb81d01c84f1391db13744a4addf86af434cfd1d609cec819d14
4d71e245e039e2ab2210e33f77247ae8b8d1c899010a02a799ab0d5a961910b5
4deef1f7b7429306b296e117b181f4b7357c2b20f9fff7b91feaf13573716f8a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4edf37d240c72f41cf96d12cfff4407d66226a3afa1f8109824d03ebe54be9d2
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945
4f618d20d85f3163d72432606f3afa3c17b6c79954f967ec3df9a710503c9df4
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
4fd845c831faf59bbc1493acb8d896841a78c590473d10bcb7ee0ae16d5978fb
5011a9af1db45d6d869d6dc0b9462821710866a344ac187ccc36099fd276c2f7
5028f77ac0afdac1bb66eaeeef41e77cea0f2487a66cb1df354d8680db1bb64e
5051c8cbddad43f130aef4f120cc12f79c9b836769022c2f04561f863d4e9d53
50e1a9f6eac8ee819df2e16bd10c90344c49b271b77c6235592c525886577588
5124ca919cf8d8860466b9c3facd95e4929ca3f49e2f6f3e64c6656141bedf3b
51703bb0e9d331aec6d24ea5644d5247673d98013ace3145b66376a1af59f490
51cfb7dabe58e1f219a0eb2605fbc7071e139fb208b219819f7f1689bee176c1
529040ffb31edc3b458168066d513769520e983e2cc9ffb8d6c9ea0d98c57a11
533d2ee34cb1a4b281414f52e814ac9b8f6fb7810552fb2bebe23943e04291a9
53e42eac2910d072b26f840249769d3d2158019bf5e2616f98ba1023dff5b88d
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551124d27e3538d0888357d9018245e643ca0656cf609475fdecf2b895b14f1b
559ffc5fa5eadd77f8bfaaeb793648763e312a17391d8e6bbb7d8d3dec2147e1
565339bc4d33d72817b583024112eb7f5cdf3e5eef0252d6ec1b9c9a94e12bb3
5694d61d5fc291fc115956d1e9bc49cf4039905e68244738297c6c80905206cc
570e90ae53be52eef8849a7f762b304f2506e2d3ab6146bc8dff279111666d74
5848fed0499a99763526e2178efc1bec18842259a88cb1cf12600be9ddabbdcd
58a8a37fc288ebcb1babc66777ac8c7a922e145d307567c8b7a824dc959c41f9
595a2e2873a8eb7c3c90ef5d9f6563c00f62dbdbdddcfd428b0ae474ce7244c1
5b123b7eae1cbb110a2e2a955b2b6bb7a3bb543b58346c2ece086c8d67f61547
5c4d187b944496b78f9da0e4a90492ad47db4fe0eb9e5e7d2f4ee15d69a5fbca
5c55aa57e1032044717711446000bfff5a325011af34776e6cc2cc93ce372e2d
5c6068599000f006ed689152a0731dc10c53de350d5b0f6f4c98bf38db2560ca
5c9343c78995c64df2af5e83b1a4de5140d356a1220ee92086518016d56da64b
5f50b7e2dd83cfd38b606d2eb70bcb99dd4d4c462295db0baecaeabe7812e8f7
60aa5f3887a6898f61521da959fc2cbbc9c83a4c1ca525bb4d02167246d0186b
60ddc774c7b5fd0c01d169321a444da403d60c0042f6bee01b0c96f6e1535fda
617238fac0798f7ca26e363ecd0e29caea274ec56c4109071a27052f5bcfc921
62a60e96b24ca6549e96b8f77fab54e728a6b878c9fbe2ebe6abb66cef31b7f7
62b0be6cd8e64b5f6e54a928a380439185061d122b32ec60008a66d6fb5092db
6323865009dcb5c3a76c9f8dfb485d28eeceec77f8783565265e2c378d37e3d6
63b845e7046f874ba4d1faf8fd80cbea6e86f31b70dbe63bccb58e5e00a60635
645709dcb09b2700fd5a5938dbdf783ac90a88334e5104041db53302441f33e4
6532fd2e1b8fa0e2427b3be9158469cef846655d968f69c8956f3cd9b7068aff
65b1c6fb04331563d3abddf74bfde40058fc4734797969a92d0db58e2c60939d
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
677bab83edbaf28095393d59cebb7929d4d06499ca6ece8081a430f0fd2efa9d
682cd18d76a90b55a5feec4d49977ec946fa18d5bd070e6e8ba563fb9ff9e120
683bea3e85219915f02b2d79f702f6b659225772cfa3d8f4de2faf351b54e556
6941af6b6a21b9b440e46d437f45073261d42980a9c5aecaa6a02d5b54c4459e
69a872436abaa1fa039f2403e0dc297dbc75f15f3eb043f7170b0deae14728f3
69cd3575e99cc3ae3b5f8b94ec35620146c342126204aadf1586c5deabac1fad
6a156519b783c083e2c25ed5c49c00dd956d6be26a347ef09a77221abbed33e9
6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c
6abd505041779695618e41a1d76dd4457e4317712a2124bfa5580fc60403a79d
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b814d02958e339eaad22839ea7a29d3ade9071a5e9df9ce065def22ab595936
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d3282900f478b5abd8d6e76d85a16e6d6ec60adba9b7648ff8e6c881505d9ab
6d845c55a60ee43cf22012d2702b2ffe7b5ce79d49e51392a71e0d9cfea9fac4
6df27c0bb63c6f0de7e1f3af6d264829ef436bcb7057b271514a58a5ba4c2fd8
6e91aaec2cb3510b97bb0655abdb08942dbefd617b169d0cd97b23fc48e68b2b
6eebbe36469ff48238848738be8740340afe3a863ccda7d3a0e27d1dc2ea03b0
706c5b72e7c8024718dd952560d910759b38bd6b61a614769e3991d6804fad79
70b40f508155672aab20ad25784fafc961512c615966adf222eeba2376cef0a4
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
71f0c958e33905cb028dfd76ff7fcffa9d57a260845594e84d116530e3f80a36
727f8ee9d236bb2ae032f811eca79283a9ef229365abd8eca25fc4892cd61887
73c6789620af1c9f950074e861541aed0d43bdd4e6116fe95d0d406310333695
73e19401707d030422213eacea81ed13ef140752da1382a534e2e52385425e02
740da0b55ec85d06a7a81fdfa62a1df291cf4bad6ecddbfaab8579abcedf77aa
7443a93d05bbf88bd0feee40ae15733e530717f8a5f0093570eb5ab8e11dbe62
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
752ac7b6a1d83373e07af1ee17b3a0e4a304e9b9304b55e49d93c7ab6a1c394e
764bf64fac9ce662419cbe397bc356820b13b046e7c2408f24d0b491791f83ad
7725538fe2f71147bffeba7452b434c826aef9009666cb4360c605d0b2a91d1d
77277ddb242c4f2b3b10dc2b8c50f219c2c9f37d95ba59eb849a109c9e65a673
773b6b520d53f2c575e87d9bc2be2d3ec999ec9839191f12dc0b6b64d37cef4f
7798165ee5a3c6809310d8261dcbe7c8d0c12d795b7b09a71af3eb86ec8f33f2
77ad0416dd9126399904bfc49b3fe6d296d2bd4e13927ca9ddb0958365bc931e
77b47b7a038f38916adbe760bc262fe2aa75e9f2a0d67621d19ad74e41acdb39
77ecd81d505ac0d0f87e06858604cc6a080be087583d5d53f6d46a151a0fef3c
781392903d67dc79b05bbf56489162cd24a0118d2478415495621448b4602a20
78a8d63885d1001f8259624ee42c4fb135476d23aa16f0b60c14fa53ac75e072
78caf0aa7c8036db15e75fa9cdb286a17fb12c436c49e286637bcd2d1f005f1b
7917aedea86f51751bd5d058e9c5aa882f66ed0415dc8217d200745676084312
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7a0e1c4547b0e5c56646d22245fac6ea1264ce16e8a7582e3822c3fe6b7706b6
7a9054758a4808c97c188f5be469879eef19a2f7cbd9bb0e740cee3199a6c747
7c816491815dbe74d63aa6be14b69e15629bba27b1cfb35bbcb26fc59c37a36b
7d541acd1c5d80fde9d99e833f3a0a065ab1b4d0961fb9734b822963aa299a6a
7d5a74ca2ad9e08079bdd60547726d3ff2bd019f44b1ce18e7a3d769f7919ca7
7d5bf3f8dc9d9dcd608393de3bd8afbeedd5077039b595aaba4529064dbcbe89
7fc54a3ce1b17851cd92926279227eb43ccebced7cab0eb6f5283e147dda2987
7fe6b65765f099da8417a13bf95bada41c2c1a16cbf134893318586e66152e45
8030594b4999eca38901464b09383ca988c454a4f7ab6b963be75e6c42da011d
8047cea60dd022529264f03872a2a2d70483d6acd89ce89203dbda6fe6db3831
80cb59e27335c57232d7a56bac7b6fdc290196a02f76decc55106f04ebd25ed9
80fccb00db57a177d26368cda09f8a540cf1aa641b8b6837047e86d3bd8d6333
8215736236b9fc130ace57942a53a8ac264b0843781027e11c8f41fd6598065a
8265f64786397d6b832d1ca0aafdf149ad84e72759fffa9f7272e91a0fb015d1
830e57437d284f9eac9503ba5e9251c5292f688975ef451cdedad3bd9bbb3dbb
831c7cf998ebfdecf34e7d7d7ec3e94f40539b61f37dba03af486c2d2c76187d
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
849beb2097ede1f511a30befde645af95d760bb881afcb8b1762d1137909ef5f
86ec23821217734d74230a6907152bdaf190cfe1f1c6b3490c6ad76d902727a6
87d6f740bada7720e8f5dd063e95878118767a1bb1bf4f4214156f579c935e73
8824e6b4f933d1c25b437ed6aa53a735c07eee6bb65b2b3405d86577971d274d
8955fa903d0ec652d81c567518c2bbe8ed0ab124ff2583b64bf7b3ef7e64ef05
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8a8ec92d46ba0d0f5c59dc47bb3b1068908d39b0ef62210a5d6e785878c06e25
8b6226066298487bc1f2377a5a5b3c0ae0de8cd8482ae7b2a07b1d194bcbba00
8ba56484afa0179850c9cd6881041becf124e2c1fb8f648b00f0ed433c1296cd
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d03f90fa61a24bc58efc772d6fba14d83002059f543727701422766296bfd26
8d42fdfa49b4db4b4fbffd6952f660569a7195cf9ec95efe022d232df1108730
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8e8230f2d1e6e230d63f5bd3091ea092eb8d1f447b5f6c84c5b776cf4f50a65d
8e9361308bf11900d292b906b622c2c43e9f34938b22f2782cd9f9e200ea557f
8ef6e6dfd4d82f26303e757b5895d9c9aac7424484bc74cf386055d1bb3e940f
8fd93f26b382f4e99897bcbd4d4fe54a7c225d75ee6a3aac208f670b2537f079
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
9338e65fc077355c7a87ae0d64cc101e23b9bf8ad78ae65f0f319c857311b526
938c64115ce60b98ee8151d7eb28208567753f3d4ebbe0aa0f56618c555a18fb
93e53cf7e7e1427faa0000478272623fd4ca34513d311ef2458aa83d7168e365
94061a925c5d84bf776554ac894020c407a9a4c89b979d538de3cf45591fe423
94a557b756089fc7dde1c857bb1a2f776dff6aeec3ceead5c2fa2304433b88ee
94e0be6f0a2d21e466af23200b65b6a235f15150671133d60850fb6508ca8e29
954309f6fff8b00faddd8b89b52990d9ee23a1c56bb7c71ee630d77973090e96
954e6d384042fe16d73df21f53bbcfef07f35fe1afd1a01e91779bb6dbaecaaf
95a0a6e3823b20170bbae77c19ce189d6a1b178f6230ed124cc85da8011bdf28
96631ba09cd178b4178b650ce6339886b98b16653ef5dc13e0f90ed189846435
97c4a434ceaadb0d5cea60c93c793dc46887dd6cd58f8e54ef080ffd5388d8af
97e46d746adde7197966879ff926ecb8ffc1bfe7fe3b4bb526605ed4ab6008f7
9810aee7e6d57d8cceaa96322b88e6df46710194689ae12b284149148cabc2f3
9861f51d1896f195c45f603bdc6b7f1455817966f5da945371c922a6f8797711
9880ff36abd71f34e043ccf52b425dc0e918af5098157970cce3c15348900c4a
98832b527517174f39aededb475e28656178b0877ce57737c73287c6d62137f2
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98e15110586a9877906d7a4ada5a789c0deaa285600027e1f3c7e925fb4b05b7
9987dcc652130026523219440b654a3e307d16f186019031ad60a28d6f73aa2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99e1042859466985160679043588634faecade6cec6a93a1b047d54fa45c57de
9b33b15476886728d6988a3bb97c08f8c1aff7ee35dfd438a8df85970f822a4d
9cc8c89436c57b5812f3d1ad26420a90f2102682d5e262dc289a1214c9010204
9cf74b82f5a4ffa0d9c4809d40c0dde44cc6ec8b3952acf697f435e6a4d90526
9d6941be30ffc5f9a8b0d95dd5dd823e408519818d8df064d24bada85593dba2
9d6e79a8f9eaa7706c0d6cfa3fdb029ff1be11bd8222b4aec7721209a0479a3f
9e110b15e82a88e1678e7bb797c9c5375f9392750ce3389ce582f16d9b8d045c
9e4cac65c7a5ee0bd0743afefcabdd3e73854e1284ac9ac433813d6231f550f2
9e7bd772ed55a5541ea3beb163b4d4c0db05e8a05e65203d222436d5e8ed92ba
9ef0267d5ec7e7ef7a525893a3fe2d6833c3a3810a12d45907c2017e9c45159a
9f2ef335c07566f0d4f273a4b72bcb3ad2b02f0c6232da6129952ee60bd07ba8
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a474eb4de90110baa24fa4c32e2ab48e7f84ea67d40f3435cfa8191826f946a4
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5cd8ec73857ce3a975bf82836e2e5b43c1e3ab5ee56dfa26e45172914226f60
a60a1b492ccc3784df2d649db4bf3fbb8bb70a583522a61194e7552a6e28c5aa
a636d9148b1af206baeace1b74dd84119caf7dd2beba5d2729ed6b9105af8a71
a71702232a771b558b12f8c0012a15f5652b500fd2e33464d283406cee36754d
a7239d83dfc0d679576741433b88e4b716c19dc2ce5f829dd75f21d3d1da5356
a72baa0c1d82bdc8930d5e2698d3ef2173094bd40ef2d157e6b3e49fab07ba44
a72d79afb9c09dca7f529a4418358197958d17f04475fb4a9b061c2290f3bc12
a7c6f8a24a23d457bf04ea344732453843aac17115fa075e235934b019c5a164
a8253a66789bd51567008403a07f3d0942b4201562e35b26f80db45ed151789c
a825ce1448f104c47e29c13867f75401aa63fbffdc03b762da37debcffcfd1a6
a8f572a254c37aca276c495b1fffd8f90a21b6fbc8bcde0ae3e2e7e72716e969
a9179676206755fbdcaf25d2c0958cf0ef14c8a787f38c966b9dbd8013b919f0
a954dbf8547ecb70b99d458d56f9ddf8b875c2363edbde8182eb7c1706ca5d27
a96e1e97d62ab9747678b947bdf0a0ea5f81790b1e3a1df2d4607a86bf802596
a98b13a75d64a26595c4a686560938ea52f6a23df477af170fd307572af82aaf
a997695aa91a15690d02e00943813963a8d2e66679e85a8aebd6182b5c5e4ab1
a9c49f9f526c232731b2ff9aa3e31b686b8b339bdd246bbf74f804c802f9755d
aaf8348fad3676d3d62c09c1a92f11d075643f798d1a3516b4a34cf9eb127862
ab1382c70c0a537459c8eec56c1d9f6a66caab98eccb6b7fa057309aae36c99e
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
acccc501aa6afa3cfac15e8ddccf1561deed2ed08c2f7d652abbdbe9aa71609a
ad23a556ada04655067ae0040759f5ad6ee3fbd127a947082795327b2bb7337f
aeefce688e47bb594c3149ec88725bd4eb05e7e73932c586cda0bd817b2bad73
aef991b2e0b693a95d41986576dd3901ea7ac03b379501b1caba966058753308
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
afe2c4d44f6a91b4d2ecbaf61d91e90f61cf159467b4a3fac9e51ed9b1e2920d
b00af338864761a37a208806e2e8815b46327a5e7e47bf141f4fbdf6d1fd3bcc
b0717fe6eb98016a76d31aa9a1f3557889e9de39d5f365ddddce167946771137
b0b71280be0ee15dac6213a798a2dd1c688d3546cc2c673524e4b46b193ece08
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2fd5f4e6c07b0ac32a322501326bf06f75ff5345c0d141e362809eb58a7cd43
b31de8d3b58d6b51211fa7b4b7b689b34e00d9748eacca357fb71ac4c66243de
b38584ae83afc07bded454747b84a094c4d21f9ff0c0805a6cb63796c474043e
b47b4ca26c57e3dceebd7abd067df9622599bed6bfb11b480f92d09a945cd213
b5b51d89a8486ee9a21480fef1232a4040f5362d7a13176e617a4cb6839166f4
b633a587c652d02386c4f16f8c6f6aab7352d97f16367c3c40576214372dd628
b75cef599bcb84b7e74ce59033d1a2d95b4be75d2de4703d6ce07ffb9545af2f
b7bcc637896f680fc74dafaa350cf28a3480d121fad51e73c35ce26b5bb51738
b7d2974070cf9f476d97e4401209a440e8fee787781d9084655cca366dad4d21
b80a4d9175dc7cb05b42205ce1f8235139b7cc754653a82974f340dbb9bcf408
b868c8c1971347e8ad2829c8bb8bb1c472ed71fbf8e794d5042fb1987816fbd3
b9fc4e459b5da109d683f1e6e9f37c218dfb7aa0748c08568299798a23220bfa
ba5ea92913e3afc69217da94c109c8f4b1a6ae2de906375495bcffbc71792052
ba8271a41653f1a216e92eb5d7d5ae1d91008d9b22eeaf6c2dd0310758d095e2
bae096a3ccdce32281e4b47bc84685356430193b5b4add8069495c07df0fdcae
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bc212da267f8efd62f53ee1e69133fc56278295771d7b8a3631c98e971587b68
bc33d81fc1788b6bba1c3d52fc464d7974c98330406e441b411ecbe5a3ce05ee
bc352dacc2c29d040ac88155edddc6cea50b4d16f9c700f0f6fb158ff140206e
bc72f5e19ff448a15a1ea9a4903a69c96ed35b5b3d5828cdafb0a972aa2c171e
be1e74c1b5359991d1809967d6a3bddaed43055482e5e42b4c0cf324177dcf3c
beba0048929d13bab1754442616d8386e9427233fd7c24c98b538230542f2639
bf23a7a4eebedbb87d4084a69496b29815914a18e339a00f5dc73a03c9c9328f
bf5b5a4196e2df193d794a6e8b0228e41b49e6bcc4531179b8ed8d5293300586
c000ac520024b59289ff6be3c68683cdab823dce18f284298c8b5e7ae365d491
c002b1b4f4aacc0c7e2bf806a9efa9263fb5f34826500f0ffb0417238cc7cceb
c08eb3aa2fa224e9aa0b74be8dff21c42d70325a43f4a2f8f4552da660e67797
c0bc52196345f2fe6d0feb738cfcf29377c2ed4e4b2d1816f8b26ccae182e6a6
c0df6138992189efffefdbe9173df743253fecb3f07ffeae59a5296597680667
c1e253200f916f76ff84eed9148f10f19670158475f152653d064f4c6127558d
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c2591fedb2ade7c9541ed5ff9b6d19c0c12a194498a66f5a03d5406d560b2c4a
c2b6805cadd71458bbf7a43c24c2017bf10ceee556c2858c8c61c43e94d8b991
c339e455fc86a2a8220fc39af43aca3f7a09b193a7ab7ddf534320a8c67587f9
c3a1c113a2a11583e364fd300caee84e97d0c434ca6d5b0f7a7a12a03d16083a
c4e0a0eb29bdcdc9ab2f842638e501ba15e642e2cea04b20bf8dae8dc8beb606
c54ab568b73e88af409e7615e9c6730d701234ebe9d64b131a08fccb0bef3deb
c56fe8e86248dab9f5bd11df391c35cf45ac349aadd3b2a1df79091f4c103e90
c596167891ba8fd4af1f60f5674a0dac31f9c071e7243dc2ce19b7a45c6a9122
c6bf29161757477e025d81d0e17eefd1282e6156be38bf5f50b42bee50082dd1
c731d1ac06ce0723680061bb7eab4bfe43bad28d6af8d8fa8cf855b16ff60784
c787e9dd6dc8ea3c935f5f0f30e3b9e4a3e066b4619bb244f569883f8e318a24
c7f7d8cf6b996acb9c8096f50b079594d5dc19f3338bd9ca463da608efd1e067
c7fe6da239be5e83a3d053138d413293ac50686169f09bade4ac60edf7f60120
c83ae168153d6d218a83314b17dc5a145e5860f34f1fe9a2863a4b75d7aa5e88
c955e57777ec0d73639dca6748560d00aa5eb8e12f13ebb2ed9656add3908f97
c9d1030be753873dbf9c353c21a26d0dbaf705ed62c9c7d5c0259c730605ccbc
c9e42e2c7cd3ec42f6febe248c715522b2e5f6bc92b389b101fbd33a069ee7ed
ca039c9541f1a5f8eb157df578e50664f9e775b18c6a3ff4e9fca87701e93557
ca2e1012ff740149ec1d9c0710f779044c0b12c75bef9c8e05a5bcacafaec879
ca7475c12f2dc8ab022889d4bd835687f7f978784757d768d4cc319933e8b9fa
ca7dce2391845e8aec7da135f33fabd10f74eed28a532ac66fd01f761fcfb42f
cc628f60d331da47033b1656d0ad374a5470cca8fe9aec5af3996e8d68698e5e
cd69bfe475606c6cee080a5ae3049c565203cbe14741dd26f717d9bb2406db27
cdb655cea074720df3611a941f75b62267652c0c84392d2937a4a687e8a393d3
ce270c9952a278a73384c409e1bc02e7b5367767702a1d87d5105b9aef3e91ae
ce2dfc72b1d68b132484a53a877f2eed5a91a78385810c2fdf82829fc54ce292
ce6b90f82bd3532a612b62d2fb78090f8d99f81f4c7af8eaecfcb2a843c104c0
ce8368e5b8e9f2f066acc6284578c00021aea742c4c7c7ec2836c232a5f8b1f8
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d01d7e89b4d641722a6ee3361a74140f0271768fa9c0fb75168cc1f3dc90ad09
d08f4db8c66660b33658c5971f784fdc6834f68ba966b7d19ed2be3902994c99
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d16537f8743d8f95565136d9389f9b1d4410ac94eabc52fd1deca14ec02303aa
d1ef1cc861273478f558e6e6b04cb5ea8c2a86c248d10a4d2c22e8b606018796
d23484cf0f36a73cc699ceffc6da8f0e9ffd6b372dcb615ec942cdc287845505
d263fda337af552f00a2ee95fdfd8fc5553e1062864bfa3ab987396741fd5adc
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d2f565233f40683b02ba363b1ba6fd9aac63658aaf9774e0c0990b8eb42103c6
d3159c59b77f486ef3195198776e26dbd97d8ddb303881e0207a4f25792f1100
d31b1ca3f9a47ef07a5458a6d8e40ec216b607a05d2e938ded9d6fe9535a2f08
d3c286558922ca8c2c69167698cd61a8280cb03b81bb41d9bd633f80f18c274f
d443235c5040b9e5a2461f69bcef0930f5820c356830bb0c59a4953d16f8a59e
d4ffe2ab79652288e40fde6e2a25c64be911ec70f21d339f21422f9264fabe7f
d57e8f360a4443bee3c35e6d70fe13648299f21bf3ba0460acd9d7f089275e46
d643b952a4f6528358b25e2f30a9f2b16c48dcaa4c33036c04d89436bdb7fc2e
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d6dffe998d4d52601dd56a1666bbd09f6926bc110429c434402ca7a814080808
d78ee65d6be02a5a9c1f62ecd60f280215063624d80dac06328ddfc985a4b61c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d818a014761cd9516d1b3e296946e960d91f4c917bf42a808e67323a8b062da8
d838f4312751ca2d2a7cce59c1c375b307da59a4949418c99e7b8c57ffde4944
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
d9b728eb13794287875457d5c53a7492142ff0955745251d80d08068e19a3dad
da26f75773d686f672adddeabc4378a593a11845f01c01dbd2c941744d2ff96a
da45962a1fb4a049c9367ebe9b1b628f071d7a4c9997ee807c01d23f4866e19c
dac82534970907d1ea30328588a22c9ec11eaa0e75295475c4033eb9dc9e305e
db471246e58547b89fcfef260155de7f95529b9f1fd692075912dccedf77c747
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de9727942565b2603765eceb0a311d44cf38cdd731db72acf0f207e776f491b6
dfa1028a74436c56e0ee1367812c0ee599d6814ec4a3079ca9b9afffba949e26
e0eef7abfd165a46a09a1950acb40a17eb20335e43837e939edd4eaeae061b26
e1d2f7d8fd957b12792fc62e567ebcd9e697f63a42e3dd023f02bd370d7c5640
e21d2f9fd8b8a086c08dbb3c92e5f972bbae6addc1e8915931536190651af480
e23decabee8464b650d1d0241283ba0c469806e14a2199efc5bb41771cb673c1
e2ae39a143aba9668d3bdddbdcbf8b0bebb6a4e8c94ec2bc827e926bc6bc0c8a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c1729dcac85fe1ff03bf4245c725185ee0960cb5ae6a8a81fc0f8991433a50
e3d5684523c3de8ab2ac3bca237d12e4affbb4d4b39a41109d975a489fa12427
e5014bac0fa3e49a6eab8b146d9d57d5ef82b624aa3593900ce1cac72cb97882
e51e019667136ffdb01eda1a7d0b2925084d4de0ce48d686ec38432a664261ea
e5a8c0ad90ca244d69de42ef3747ea05f1cb0139f22ee1a1d05b7979375c8821
e71a3fdc5b1de95f68377e3906681f27acbc21d202191f7b4ccd560558d7e825
e71d11284fe33d09fe11d031d1517b0383750bc5dba2faf77e87f42a609a1b68
e7ba503d53f9fb2d367e4414ec4da7667f2ad0013012bb60b79b5de2bad86c87
e820733377d4af31fd643ac9a24856e8f33ca799f97259e59c868302a513c874
e8a8a8e3530d7895d6730b80336e4c400c542cc7658a708300252a05b81e358c
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
e9ebd714243264393b54c89d034e20601df9b92b4ead1e0ae4df42d61f47fe26
ea4b9ce172dd2eb9c971157b295d7f0290f06aa4e56cfd645ce8db388d3039da
ea9b76a337c18067d0646a24aa3c1e5d792f08882182bcac39fc0b613a951cbb
eb4db95cf7c97ce22bd98d1b95dfd82204843cc8854cbe0b3b6b93be4fa41a2f
eb6ceeb6fad66498f4234c546dd645931bb31d1245360d9f9a86a10c76e22d73
ecbc1b07cb2761e6e400e66268e4c7413c14b15d9c7220d1f930fa80e317b50d
eceb8f45ef70565ff01009867dd39f47dc2e1a2ea5ec1f59214c9c36c8a1d6b6
ed1622bbd271de0ddc168ff0bbbc61065f42b883a7776cc792c1f67d7e59ee98
ed72a16e61e8de3309554066964dbf6afac406460df04ad7c928bafde612c500
edb6180c914e7b38450a0a388cc86d9aa54a6cf4e6cdd87d909300983eae7988
ee5efed459c124675f1a2445a7e0b1f57b9a4f75ef1d59f914348a69c23ef487
ee61ec65bd3bc8cc949991393cfd5aca248620bc53e8ac94f9afe44c30961c0f
ee9a49aae5d1fc7602361ae5c6d69fc8eb128d007b4dee67d42ce19bbf2c87e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef19d3570dea1c5a973fb7f6fc98c525cd8ce6d01db1937f8459975979648bdc
efb2de97fd12878832f5d8fac4a7de5af3403187b9e96d678c41b6f3018c5b85
f028e76c03dd9e15555e4470331e4eb44e2dfdf64d0477b897c1b497d1180efa
f0d7d05ef7ae154e283b8c8e462aeb6e9b5bca53225c42743e2028c34828c08a
f1ae9c2026aa097e604015d4bd47dca4778ac704f883659be7b4b312be583342
f2339c794c00a2ddb2a2a8a7488c12e16abd739f57bad967f8fbf8147e47fdcc
f2914edb33157588c8d440c36f1ea06652c133febd1719a344d79d078ec6c41a
f3393f023cd224f4a20bd2ac8e0f577a63edec43d937d9a7deefaf9848a05c17
f3a64c817844873cedba93181e4b3eaf7fc984e1e45627fe6b5a314e195687a1
f4110d145ad25681a3ef677782ec9a807407fe09b028c2ea15648833ed9cac60
f41c2a654a3da935c6567bade275424096fb54552f2e0f9ea7e0ce9bbf239db8
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f621b902b9adbd352e8973dc8f7e119a1ed7ba68af5db652552bc893f470dd23
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f68019eb4b4e5933301d4ee75969e0cb94ed8333bf514630fa749eb9c3e483c9
f783e917c4f17d3f46e9115218ecc006d9d6f3b75cb600e1cbf91a48d064477f
f82f6cf1599100b7836d8b8aa4bd5394e997849487dd6110d70908440c97fa64
f834273cdff28daf8bd2192b12ac3bbe356344adac6fe2c4844062e764b775dd
f86a1105ed755e9ae9b75708a5b19d5c478212605b9f8d7c98796b451de18c63
f9a5a91bcdb62adc4081cc1d884a77e9f49c953fa3a1b46b19963cd73fd022c9
f9b751c1cd0d2b0f91862db987fed9dda48758b15e6f42ca67796b45f4b21702
f9e9d6c9d3b76ddbbaf7cd44bbcb5e7c0eb9cdb69bb4c3895117f2341474b75f
f9feb0d6627eee56ce4fea329b9318cb672972595debe6452991cbad5e0c6bd9
fa18ee87b33449eaeb965c5661dc9b78a911510b48222fe3b1443c825a7924d5
fa8700eaa4be8549203564d995f821f6ca7aa0e5dd84e61c805ecc9a3a0cd74f
fabe4ca56fd1580b8e45ce2fb10a64278d692b9fbbbb661b1d55fed78c2fc1a3
fba149d48c297fb10215569731ae09a2d630aadaf2963f78f870930c001cf48a
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe1e79ae09c4b22847324dbe1b75bf737f7251ef491f9961d6fdb66f0faaa4f3
fe2cd58230aa119f208add41c185f8022ba0ea768465aa42e2e41d772c95a8c0
febf1b681599d7a9795aca2b5de06fd30743a60d10731706469d128b7a6df153
fef271305260f71472cf681f3b9ecfed76cc378f7ad06fa95a6db81dca1ea599