urlscan.io logo urlscan.io
SecurityTrails logo

thesource.com Open in urlscan Pro
192.124.249.167  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: http://thesource.com/
Effective URL: https://thesource.com/
Submission: On February 14 via api from GB — Scanned from GB
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 106 IPs in 11 countries across 88 domains to perform 414 HTTP transactions. The main IP is 192.124.249.167, located in Menifee, United States and belongs to SUCURI-SEC, US. The main domain is thesource.com. The Cisco Umbrella rank of the primary domain is 133871.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 7th 2021. Valid for: a year.
This is the only time thesource.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 63 192.124.249.167 30148 (SUCURI-SEC)
5 2a00:1450:400... 15169 (GOOGLE)
1 52.219.176.194 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
6 143.204.95.188 16509 (AMAZON-02)
2 2a03:2880:f01... 32934 (FACEBOOK)
5 2606:4700::68... 13335 (CLOUDFLAR...)
9 142.250.185.226 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
1 3 108.157.4.121 16509 (AMAZON-02)
1 3 2620:116:800d... 16509 (AMAZON-02)
6 2a00:1450:400... 15169 (GOOGLE)
2 2606:2800:234... 15133 (EDGECAST)
1 18.66.247.90 16509 (AMAZON-02)
1 2600:9000:231... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
1 2606:4700::68... 13335 (CLOUDFLAR...)
1 104.244.42.136 13414 (TWITTER)
2 6 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
9 2602:803:c004... 26667 (RUBICONPR...)
5 15 37.252.173.27 29990 (ASN-APPNEX)
3 51.75.86.98 16276 (OVH)
1 216.52.2.30 30282 (AS-INAPCD...)
1 34.197.208.127 14618 (AMAZON-AES)
5 35.244.159.8 15169 (GOOGLE)
1 18.185.181.98 16509 (AMAZON-02)
5 18.156.195.47 16509 (AMAZON-02)
2 23.37.38.181 16625 (AKAMAI-AS)
1 147.75.38.124 54825 (PACKET)
1 2a00:1450:400... 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
18 2a00:1450:400... 15169 (GOOGLE)
4 2a00:1450:400... 15169 (GOOGLE)
19 2a00:1450:400... 15169 (GOOGLE)
19 185.220.205.205 41436 (CLOUDWEBM...)
5 2a00:1450:400... 15169 (GOOGLE)
6 2a00:1450:400... 15169 (GOOGLE)
4 142.250.186.130 15169 (GOOGLE)
5 2a00:1450:400... 15169 (GOOGLE)
9 17 142.250.186.98 15169 (GOOGLE)
6 25 2.18.234.21 16625 (AKAMAI-AS)
4 2.18.233.180 16625 (AKAMAI-AS)
2 2 185.94.180.126 35220 (SPOTX-AMS)
1 2a06:8640:628... 55081 (24SHELLS)
7 185.167.96.10 41436 (CLOUDWEBM...)
2 3.122.161.218 16509 (AMAZON-02)
1 1 23.88.75.186 24940 (HETZNER-AS)
3 7 13.248.245.213 16509 (AMAZON-02)
4 9 69.173.144.138 26667 (RUBICONPR...)
1 2 37.252.172.36 29990 (ASN-APPNEX)
2 37.157.4.40 198622 (ADFORM)
1 2.21.142.210 16625 (AKAMAI-AS)
1 34.107.148.139 15169 (GOOGLE)
1 3.122.136.79 16509 (AMAZON-02)
1 204.237.133.116 62713 (AS-PUBMATIC)
3 18.192.153.193 16509 (AMAZON-02)
1 185.86.139.58 201081 (SMARTADSE...)
1 185.94.180.123 35220 (SPOTX-AMS)
2 198.47.127.19 62713 (AS-PUBMATIC)
9 62.149.0.72 15497 (COLOCALL ...)
1 2 46.249.52.249 50673 (SERVERIUS-AS)
2 3 37.157.4.39 198622 (ADFORM)
2 2 185.184.8.65 204995 (RTB-HOUSE...)
3 2600:9000:224... 16509 (AMAZON-02)
2 2 66.155.71.25 13768 (COGECO-PEER1)
1 2 54.78.254.47 16509 (AMAZON-02)
3 4 35.227.248.159 15169 (GOOGLE)
3 5.178.65.246 50673 (SERVERIUS-AS)
1 35.186.253.211 15169 (GOOGLE)
1 18.215.193.43 14618 (AMAZON-AES)
2 5.178.65.252 50673 (SERVERIUS-AS)
1 3 162.55.233.29 24940 (HETZNER-AS)
1 10 35.157.167.171 16509 (AMAZON-02)
1 1 23.37.42.132 16625 (AKAMAI-AS)
6 104.89.20.125 16625 (AKAMAI-AS)
1 205.234.175.175 30081 (CACHENETW...)
15 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2a00:1450:400... 15169 (GOOGLE)
2 37.157.2.237 198622 (ADFORM)
3 6 52.223.40.198 16509 (AMAZON-02)
1 2a04:4e42:600... 54113 (FASTLY)
1 2600:1f18:659... 14618 (AMAZON-AES)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
2 3 52.214.166.97 16509 (AMAZON-02)
1 1 151.1.205.165 3242 (ASN-ITNET)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 2 35.201.81.244 15169 (GOOGLE)
1 89.163.159.108 24961 (MYLOC-AS ...)
2 2 34.249.68.36 16509 (AMAZON-02)
1 1 212.82.100.182 34010 (YAHOO-IRD)
1 1 18.185.159.202 16509 (AMAZON-02)
2 52.48.40.152 16509 (AMAZON-02)
2 4 151.101.194.49 54113 (FASTLY)
1 1 2.21.141.186 16625 (AKAMAI-AS)
1 1 34.232.233.83 14618 (AMAZON-AES)
1 2 52.94.223.167 16509 (AMAZON-02)
1 104.92.72.137 16625 (AKAMAI-AS)
1 1 54.85.64.84 14618 (AMAZON-AES)
2 4 209.54.176.128 16509 (AMAZON-02)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
1 1 54.205.198.81 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
2 2.18.232.130 16625 (AKAMAI-AS)
1 18.66.248.33 16509 (AMAZON-02)
3 3 185.29.132.245 30419 (MEDIAMATH...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 35.244.174.68 15169 (GOOGLE)
1 1 62.209.227.210 13036 (TMOBILE-)
1 1 34.102.163.6 15169 (GOOGLE)
1 2620:1ec:21::14 8068 (MICROSOFT...)
1 2620:1ec:c11:... 8068 (MICROSOFT...)
1 1 70.42.32.255 22075 (AS-OUTBRAIN)
1 51.158.28.83 12876 (Online SAS)
2 52.31.13.93 16509 (AMAZON-02)
1 4 3.126.56.137 16509 (AMAZON-02)
1 192.132.33.46 18568 (BIDTELLECT)
1 1 34.225.96.147 14618 (AMAZON-AES)
1 72.251.232.228 ()
1 2.18.235.93 16625 (AKAMAI-AS)
3 4 52.58.50.64 16509 (AMAZON-02)
1 1 2a02:fa8:8806... ()
1 2.21.141.232 ()
1 2 169.50.137.184 36351 (SOFTLAYER)
1 1 66.155.71.149 13768 (COGECO-PEER1)
1 1 54.81.207.173 ()
1 34.234.118.65 ()
1 2 52.45.237.203 ()
1 178.250.2.151 ()
1 1 37.252.173.213 ()
414 106
63    192.124.249.167 (Menifee, United States)

ASN30148 (SUCURI-SEC, US)
PTR: cloudproxy10167.sucuri.net
thesource.com
5    2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
1    52.219.176.194 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-r-w.us-east-2.amazonaws.com
hb-thesource.s3.us-east-2.amazonaws.com
2    2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
4    2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
6    143.204.95.188 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-95-188.fra50.r.cloudfront.net
c.amazon-adsystem.com
2    2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
5    2606:4700::6812:e234 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.onesignal.com
onesignal.com
img.onesignal.com
9    142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net
securepubads.g.doubleclick.net
4    2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
3    108.157.4.121 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-121.dus51.r.cloudfront.net
sb.scorecardresearch.com
3    2620:116:800d:21:5a23:9c4e:e774:96c1 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
6    2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)
platform.twitter.com
1    18.66.247.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-247-90.dus51.r.cloudfront.net
cdn-images.mailchimp.com
1    2600:9000:2315:5200:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
2    2a00:1450:400c:c0c::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    2606:4700::6812:e134 (United States)

ASN13335 (CLOUDFLARENET, US)
onesignal.com
1    104.244.42.136 (United States)

ASN13414 (TWITTER, US)
syndication.twitter.com
6    2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4003:807::2003 (Ireland)

ASN15169 (GOOGLE, US)
www.google.de
9    2602:803:c004:200::143 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
15    37.252.173.27 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
ib.adnxs.com
3    51.75.86.98 (France)

ASN16276 (OVH, FR)
PTR: ip98.ip-51-75-86.eu
onetag-sys.com
1    216.52.2.30 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
1    34.197.208.127 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-197-208-127.compute-1.amazonaws.com
exchange.postrelease.com
5    35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com
thesource2-d.openx.net
u.openx.net
primis-d.openx.net
1    18.185.181.98 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-181-98.eu-central-1.compute.amazonaws.com
tlx.3lift.com
5    18.156.195.47 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
2    23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    147.75.38.124 (Amsterdam, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
3    2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
18    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
4    2a00:1450:4001:812::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
19    2a00:1450:4001:831::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
19    185.220.205.205 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
live.primis.tech
5    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
cdn.ampproject.org
6    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
4    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
googleads4.g.doubleclick.net
5    2a00:1450:4001:810::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
s0.2mdn.net
17    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
25    2.18.234.21 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com
dsum-sec.casalemedia.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
js-sec.indexww.com
4    2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com
ads.pubmatic.com
2    185.94.180.126 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
sync.search.spotxchange.com
1    2a06:8640:628:0:ec4:7aff:fe94:33ae (Piscataway, United States)

ASN55081 (24SHELLS, US)
s.console.adtarget.com.tr
7    185.167.96.10 (Amsterdam, Netherlands)

ASN41436 (CLOUDWEBMANAGE-EU, US)
video.primis.tech
2    3.122.161.218 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-161-218.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    23.88.75.186 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.186.75.88.23.clients.your-server.de
csync.loopme.me
7    13.248.245.213 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
9    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
pixel-eu.rubiconproject.com
token.rubiconproject.com
2    37.252.172.36 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
secure.adnxs.com
2    37.157.4.40 (Denmark)

ASN198622 (ADFORM, DK)
adx.adform.net
1    2.21.142.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-142-210.deploy.static.akamaitechnologies.com
ads.stickyadstv.com
1    34.107.148.139 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 139.148.107.34.bc.googleusercontent.com
prebid.media.net
1    3.122.136.79 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
ads.adaptv.advertising.com
1    204.237.133.116 (United States)

ASN62713 (AS-PUBMATIC, US)
hbopenbid.pubmatic.com
3    18.192.153.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-192-153-193.eu-central-1.compute.amazonaws.com
prebid-server.rubiconproject.com
1    185.86.139.58 (France)

ASN201081 (SMARTADSERVER, FR)
prg.smartadserver.com
1    185.94.180.123 (Amsterdam, Netherlands)

ASN35220 (SPOTX-AMS, US)
search.spotxchange.com
2    198.47.127.19 (United States)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
9    62.149.0.72 (Ukraine)

ASN15497 (COLOCALL Internet Data Center ColoCALL, UA)
PTR: 0-72.cc86365-03-tmp.cc.colocall.com
sync.console.adtarget.com.tr
2    46.249.52.249 (Amsterdam, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
ads.us.e-planning.net
3    37.157.4.39 (Denmark)

ASN198622 (ADFORM, DK)
cm.adform.net
track.adform.net
2    185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net
creativecdn.com
3    2600:9000:224a:4400:f:4f64:8940:93a1 (United States)

ASN16509 (AMAZON-02, US)
js.adscale.de
2    66.155.71.25 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel.sitescout.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loadm.exelator.com
loadeu.exelator.com
4    35.227.248.159 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com
pixel.tapad.com
3    5.178.65.246 (Amersfoort, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: ads.us.e-planning.net
u-ams02.e-planning.net
1    35.186.253.211 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 211.253.186.35.bc.googleusercontent.com
rtb.openx.net
1    18.215.193.43 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-18-215-193-43.compute-1.amazonaws.com
a.audrte.com
2    5.178.65.252 (Amersfoort, Netherlands)

ASN50673 (SERVERIUS-AS, NL)
PTR: i.e-planning.net
s.e-planning.net
3    162.55.233.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.233.55.162.clients.your-server.de
sync.richaudience.com
10    35.157.167.171 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
ih.adscale.de
1    23.37.42.132 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-42-132.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
6    104.89.20.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-20-125.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
1    205.234.175.175 (United States)

ASN30081 (CACHENETWORKS, US)
PTR: vip1.G-anycast1.cachefly.net
i.e-planning.net
15    2606:4700:10::6816:1857 (United States)

ASN13335 (CLOUDFLARENET, US)
spl.zeotap.com
mwzeom.zeotap.com
2    2a00:1450:4001:80e::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    37.157.2.237 (Denmark)

ASN198622 (ADFORM, DK)
dmp.adform.net
c1.adform.net
6    52.223.40.198 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
1    2a04:4e42:600::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
dmp.v.fwmrm.net
2    2a05:d018:24:b002:5c97:83c8:403c:77a7 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    52.214.166.97 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-166-97.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    151.1.205.165 (Milan, Italy)

ASN3242 (ASN-ITNET, IT)
bn01.er.bemail.it
1    85.114.159.118 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
2    35.201.81.244 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 244.81.201.35.bc.googleusercontent.com
idsync.frontend.weborama.fr
1    89.163.159.108 (Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
dmp.theadex.com
2    34.249.68.36 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-68-36.eu-west-1.compute.amazonaws.com
bcp.crwdcntrl.net
1    212.82.100.182 (Dublin, Ireland)

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com
cms.analytics.yahoo.com
1    18.185.159.202 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-159-202.eu-central-1.compute.amazonaws.com
aa.agkn.com
2    52.48.40.152 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-40-152.eu-west-1.compute.amazonaws.com
beacon.krxd.net
4    151.101.194.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    2.21.141.186 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-21-141-186.deploy.static.akamaitechnologies.com
pixel.mathtag.com
1    34.232.233.83 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-232-233-83.compute-1.amazonaws.com
usermatch.krxd.net
2    52.94.223.167 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
1    104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com
tags.bluekai.com
1    54.85.64.84 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-85-64-84.compute-1.amazonaws.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
4    209.54.176.128 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
3    2a05:d018:d29:3602:8032:ea84:336c:262b (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
1    54.205.198.81 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-205-198-81.compute-1.amazonaws.com
sync.extend.tv
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
2    2.18.232.130 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-232-130.deploy.static.akamaitechnologies.com
acdn.adnxs.com
1    18.66.248.33 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-33.dus51.r.cloudfront.net
tags.crwdcntrl.net
3    185.29.132.245 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
1    2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
1    62.209.227.210 (Vlasim, Czech Republic)

ASN13036 (TMOBILE-, CZ)
PTR: bbnautid1.ibillboard.com
bbnaut.ibillboard.com
1    34.102.163.6 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 6.163.102.34.bc.googleusercontent.com
ad.mrtnsvr.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
1    2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
c.bing.com
1    70.42.32.255 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    51.158.28.83 (Paris, France)

ASN12876 (Online SAS, FR)
PTR: 51-158-28-83.rev.poneytelecom.eu
js.cookieless-data.com
2    52.31.13.93 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
4    3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
1    192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com
bttrack.com
1    34.225.96.147 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-225-96-147.compute-1.amazonaws.com
beacon.lynx.cognitivlabs.com
1    72.251.232.228 (None, )

ASN- ()
cm.adgrx.com
1    2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com
contextual.media.net
4    52.58.50.64 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-50-64.eu-central-1.compute.amazonaws.com
pixel.advertising.com
1    2a02:fa8:8806:16::1370 (None, )

ASN- ()
casale-match.dotomi.com
1    2.21.141.232 (None, )

ASN- ()
dsum.casalemedia.com
2    169.50.137.184 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b8.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
1    54.81.207.173 (None, )

ASN- ()
sync.srv.stackadapt.com
1    34.234.118.65 (None, )

ASN- ()
rtb.adentifi.com
2    52.45.237.203 (None, )

ASN- ()
um2.eqads.com
1    178.250.2.151 (None, )

ASN- ()
dis.criteo.com
1    37.252.173.213 (None, )

ASN- ()
adscale-emea.adnxs.com
Apex Domain
Subdomains		 Transfer
63 thesource.com
thesource.com — Cisco Umbrella Rank: 133871
2 MB
41 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 92
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
tpc.googlesyndication.com — Cisco Umbrella Rank: 120
239 KB
38 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 159
stats.g.doubleclick.net — Cisco Umbrella Rank: 67
googleads.g.doubleclick.net — Cisco Umbrella Rank: 37
googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276
cm.g.doubleclick.net — Cisco Umbrella Rank: 175
222 KB
28 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 436
pixel.rubiconproject.com — Cisco Umbrella Rank: 288
prebid-server.rubiconproject.com — Cisco Umbrella Rank: 980
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 917
eus.rubiconproject.com — Cisco Umbrella Rank: 512
pixel-eu.rubiconproject.com — Cisco Umbrella Rank: 2038
token.rubiconproject.com — Cisco Umbrella Rank: 593
45 KB
26 primis.tech
live.primis.tech — Cisco Umbrella Rank: 2734
video.primis.tech — Cisco Umbrella Rank: 6478
550 KB
24 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 427
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 488
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 463
ssum.casalemedia.com — Cisco Umbrella Rank: 1125
dsum.casalemedia.com
28 KB
20 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 210
secure.adnxs.com — Cisco Umbrella Rank: 350
acdn.adnxs.com — Cisco Umbrella Rank: 547
adscale-emea.adnxs.com
48 KB
15 zeotap.com
spl.zeotap.com — Cisco Umbrella Rank: 1178
mwzeom.zeotap.com — Cisco Umbrella Rank: 1486
5 KB
14 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 654
cms.analytics.yahoo.com — Cisco Umbrella Rank: 855
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 419
ads.yahoo.com — Cisco Umbrella Rank: 835
ups.analytics.yahoo.com — Cisco Umbrella Rank: 269
6 KB
13 adscale.de
js.adscale.de — Cisco Umbrella Rank: 7241
ih.adscale.de — Cisco Umbrella Rank: 4945
15 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 263
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1361
s.amazon-adsystem.com — Cisco Umbrella Rank: 266
83 KB
10 adtarget.com.tr
s.console.adtarget.com.tr — Cisco Umbrella Rank: 5930
sync.console.adtarget.com.tr — Cisco Umbrella Rank: 6268
5 KB
9 google.com
www.google.com — Cisco Umbrella Rank: 2
adservice.google.com — Cisco Umbrella Rank: 59
2 KB
8 e-planning.net
ads.us.e-planning.net — Cisco Umbrella Rank: 3099
u-ams02.e-planning.net — Cisco Umbrella Rank: 51355
s.e-planning.net — Cisco Umbrella Rank: 4802
i.e-planning.net — Cisco Umbrella Rank: 4860
4 KB
8 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 532
eb2.3lift.com — Cisco Umbrella Rank: 356
3 KB
7 adform.net
adx.adform.net — Cisco Umbrella Rank: 4785
cm.adform.net — Cisco Umbrella Rank: 1576
dmp.adform.net — Cisco Umbrella Rank: 2002
track.adform.net — Cisco Umbrella Rank: 3678
c1.adform.net — Cisco Umbrella Rank: 529
2 KB
7 pubmatic.com
ads.pubmatic.com — Cisco Umbrella Rank: 429
hbopenbid.pubmatic.com — Cisco Umbrella Rank: 420
image6.pubmatic.com — Cisco Umbrella Rank: 582
24 KB
6 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 295
2 KB
6 openx.net
thesource2-d.openx.net — Cisco Umbrella Rank: 356994
u.openx.net — Cisco Umbrella Rank: 636
primis-d.openx.net — Cisco Umbrella Rank: 13063
rtb.openx.net — Cisco Umbrella Rank: 1330
1 KB
6 gstatic.com
fonts.gstatic.com
99 KB
6 onesignal.com
cdn.onesignal.com — Cisco Umbrella Rank: 2951
onesignal.com — Cisco Umbrella Rank: 1314
img.onesignal.com — Cisco Umbrella Rank: 6558
90 KB
6 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
imasdk.googleapis.com — Cisco Umbrella Rank: 407
313 KB
5 advertising.com
ads.adaptv.advertising.com — Cisco Umbrella Rank: 1058
pixel.advertising.com — Cisco Umbrella Rank: 307
1 KB
5 2mdn.net
s0.2mdn.net — Cisco Umbrella Rank: 246
1 MB
5 ampproject.org
cdn.ampproject.org — Cisco Umbrella Rank: 346
111 KB
5 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 146
178 KB
4 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 618
4 KB
4 mathtag.com
pixel.mathtag.com — Cisco Umbrella Rank: 1050
sync.mathtag.com — Cisco Umbrella Rank: 387
2 KB
4 everesttech.net
sync-tm.everesttech.net — Cisco Umbrella Rank: 491
790 B
4 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 357
2 KB
4 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 31
21 KB
3 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 371
usermatch.krxd.net — Cisco Umbrella Rank: 981
939 B
3 crwdcntrl.net
bcp.crwdcntrl.net — Cisco Umbrella Rank: 629
tags.crwdcntrl.net — Cisco Umbrella Rank: 2036
12 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 187
2 KB
3 richaudience.com
sync.richaudience.com — Cisco Umbrella Rank: 1515
742 B
3 sitescout.com
pixel.sitescout.com — Cisco Umbrella Rank: 2837
pixel-sync.sitescout.com — Cisco Umbrella Rank: 542
2 KB
3 spotxchange.com
sync.search.spotxchange.com — Cisco Umbrella Rank: 469
search.spotxchange.com — Cisco Umbrella Rank: 385
2 KB
3 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 865
2 KB
3 google.de
www.google.de — Cisco Umbrella Rank: 6342
adservice.google.de — Cisco Umbrella Rank: 9027
1 KB
3 twitter.com
platform.twitter.com — Cisco Umbrella Rank: 591
syndication.twitter.com — Cisco Umbrella Rank: 840
133 KB
3 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 829
pixel.quantserve.com — Cisco Umbrella Rank: 374
11 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 129
2 KB
2 eqads.com
um2.eqads.com
563 B
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 691
840 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 444
860 B
2 weborama.fr
idsync.frontend.weborama.fr — Cisco Umbrella Rank: 23557
671 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 977
792 B
2 exelator.com
loadm.exelator.com — Cisco Umbrella Rank: 891
loadeu.exelator.com — Cisco Umbrella Rank: 6812
954 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 585
721 B
2 media.net
prebid.media.net — Cisco Umbrella Rank: 1112
contextual.media.net — Cisco Umbrella Rank: 478
9 KB
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 265
440 B
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 126
83 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 50
72 KB
1 criteo.com
dis.criteo.com
362 B
1 adentifi.com
rtb.adentifi.com
88 B
1 stackadapt.com
sync.srv.stackadapt.com
578 B
1 dotomi.com
casale-match.dotomi.com
187 B
1 adgrx.com
cm.adgrx.com
408 B
1 cognitivlabs.com
beacon.lynx.cognitivlabs.com — Cisco Umbrella Rank: 1174
378 B
1 bttrack.com
bttrack.com — Cisco Umbrella Rank: 648
380 B
1 cookieless-data.com
js.cookieless-data.com — Cisco Umbrella Rank: 4583
535 B
1 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 523
301 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 212
592 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 439
703 B
1 mrtnsvr.com
ad.mrtnsvr.com — Cisco Umbrella Rank: 1554
250 B
1 ibillboard.com
bbnaut.ibillboard.com — Cisco Umbrella Rank: 17653
550 B
1 rlcdn.com
api.rlcdn.com Failed
id.rlcdn.com — Cisco Umbrella Rank: 548
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 653
425 B
1 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1410
546 B
1 imrworldwide.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com — Cisco Umbrella Rank: 160499
214 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 425
225 B
1 agkn.com
aa.agkn.com — Cisco Umbrella Rank: 388
379 B
1 theadex.com
dmp.theadex.com — Cisco Umbrella Rank: 19441
336 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1393
596 B
1 bemail.it
bn01.er.bemail.it — Cisco Umbrella Rank: 125516
659 B
1 fwmrm.net
dmp.v.fwmrm.net — Cisco Umbrella Rank: 9578
411 B
1 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 571
165 B
1 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2683
1 smartadserver.com
prg.smartadserver.com — Cisco Umbrella Rank: 1311
335 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 614
577 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 911
243 B
1 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1014
347 B
1 postrelease.com
exchange.postrelease.com — Cisco Umbrella Rank: 4388
391 B
1 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 598
519 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 770
1 KB
1 mailchimp.com
cdn-images.mailchimp.com — Cisco Umbrella Rank: 4595
2 KB
1 amazonaws.com
hb-thesource.s3.us-east-2.amazonaws.com — Cisco Umbrella Rank: 362583
296 KB
0 m6r.eu Failed
tracking.m6r.eu Failed
414 88
Domain Requested by
63 thesource.com 1 redirects thesource.com
19 live.primis.tech securepubads.g.doubleclick.net
live.primis.tech
thesource.com
19 tpc.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
thesource.com
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
18 pagead2.googlesyndication.com securepubads.g.doubleclick.net
tpc.googlesyndication.com
thesource.com
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
www.googletagservices.com
srcdoc
17 cm.g.doubleclick.net 9 redirects googleads.g.doubleclick.net
spl.zeotap.com
ssum.casalemedia.com
eus.rubiconproject.com
eb2.3lift.com
16 dsum-sec.casalemedia.com 4 redirects googleads.g.doubleclick.net
ssum.casalemedia.com
ssum-sec.casalemedia.com
um2.eqads.com
15 ib.adnxs.com 5 redirects hb-thesource.s3.us-east-2.amazonaws.com
googleads.g.doubleclick.net
live.primis.tech
spl.zeotap.com
acdn.adnxs.com
12 mwzeom.zeotap.com ads.us.e-planning.net
10 ih.adscale.de 1 redirects js.adscale.de
ih.adscale.de
9 sync.console.adtarget.com.tr s.console.adtarget.com.tr
js.adscale.de
ads.us.e-planning.net
9 fastlane.rubiconproject.com hb-thesource.s3.us-east-2.amazonaws.com
9 securepubads.g.doubleclick.net www.googletagservices.com
securepubads.g.doubleclick.net
thesource.com
imasdk.googleapis.com
7 eb2.3lift.com 3 redirects hb-thesource.s3.us-east-2.amazonaws.com
eb2.3lift.com
7 video.primis.tech
6 match.adsrvr.org 3 redirects ssum.casalemedia.com
eus.rubiconproject.com
eb2.3lift.com
6 eus.rubiconproject.com ads.us.e-planning.net
eus.rubiconproject.com
hb-thesource.s3.us-east-2.amazonaws.com
live.primis.tech
6 googleads.g.doubleclick.net f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
thesource.com
6 www.google.com 2 redirects thesource.com
tpc.googlesyndication.com
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
6 fonts.gstatic.com fonts.googleapis.com
6 c.amazon-adsystem.com thesource.com
c.amazon-adsystem.com
live.primis.tech
5 s0.2mdn.net f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
imasdk.googleapis.com
5 cdn.ampproject.org securepubads.g.doubleclick.net
5 c2shb.ssp.yahoo.com hb-thesource.s3.us-east-2.amazonaws.com
5 www.googletagservices.com thesource.com
securepubads.g.doubleclick.net
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
4 pixel.advertising.com 3 redirects
4 ups.analytics.yahoo.com 1 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 js-sec.indexww.com hb-thesource.s3.us-east-2.amazonaws.com
ssum-sec.casalemedia.com
live.primis.tech
4 s.amazon-adsystem.com 2 redirects ssum.casalemedia.com
eb2.3lift.com
4 sync-tm.everesttech.net 2 redirects spl.zeotap.com
ssum-sec.casalemedia.com
4 pixel.tapad.com 3 redirects spl.zeotap.com
4 pixel.rubiconproject.com thesource.com
eus.rubiconproject.com
4 ads.pubmatic.com live.primis.tech
s.console.adtarget.com.tr
ads.us.e-planning.net
4 googleads4.g.doubleclick.net thesource.com
4 f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com securepubads.g.doubleclick.net
4 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
thesource.com
4 fonts.googleapis.com thesource.com
live.primis.tech
3 sync.mathtag.com 3 redirects
3 pr-bh.ybp.yahoo.com 2 redirects ssum.casalemedia.com
3 dpm.demdex.net 2 redirects ssum.casalemedia.com
3 spl.zeotap.com ads.us.e-planning.net
spl.zeotap.com
3 sync.richaudience.com 1 redirects ads.us.e-planning.net
spl.zeotap.com
3 u-ams02.e-planning.net ads.us.e-planning.net
ssum.casalemedia.com
3 js.adscale.de s.console.adtarget.com.tr
js.adscale.de
ih.adscale.de
3 prebid-server.rubiconproject.com live.primis.tech
3 ssum-sec.casalemedia.com 1 redirects js-sec.indexww.com
3 u.openx.net live.primis.tech
hb-thesource.s3.us-east-2.amazonaws.com
3 adservice.google.com securepubads.g.doubleclick.net
imasdk.googleapis.com
3 onetag-sys.com hb-thesource.s3.us-east-2.amazonaws.com
ads.us.e-planning.net
3 onesignal.com cdn.onesignal.com
3 sb.scorecardresearch.com 1 redirects thesource.com
2 um2.eqads.com 1 redirects ssum-sec.casalemedia.com
2 um.simpli.fi 1 redirects ssum-sec.casalemedia.com
2 track.adform.net 2 redirects
2 match.prod.bidr.io ssum-sec.casalemedia.com
2 acdn.adnxs.com hb-thesource.s3.us-east-2.amazonaws.com
live.primis.tech
2 aax-eu.amazon-adsystem.com 1 redirects ads.us.e-planning.net
2 beacon.krxd.net spl.zeotap.com
ads.us.e-planning.net
2 bcp.crwdcntrl.net 2 redirects
2 idsync.frontend.weborama.fr 2 redirects
2 sync.tidaltv.com 2 redirects
2 imasdk.googleapis.com live.primis.tech
imasdk.googleapis.com
2 ssum.casalemedia.com 1 redirects ads.us.e-planning.net
2 s.e-planning.net ads.us.e-planning.net
2 pixel.sitescout.com 2 redirects
2 creativecdn.com 2 redirects
2 ads.us.e-planning.net 1 redirects s.console.adtarget.com.tr
2 image6.pubmatic.com ads.pubmatic.com
spl.zeotap.com
2 adx.adform.net live.primis.tech
2 secure.adnxs.com 1 redirects ssum-sec.casalemedia.com
2 x.bidswitch.net thesource.com
eb2.3lift.com
2 sync.search.spotxchange.com 2 redirects
2 htlb.casalemedia.com hb-thesource.s3.us-east-2.amazonaws.com
live.primis.tech
2 www.google.de thesource.com
2 pixel.quantserve.com 1 redirects thesource.com
2 stats.g.doubleclick.net www.google-analytics.com
2 platform.twitter.com thesource.com
platform.twitter.com
2 cdn.onesignal.com thesource.com
cdn.onesignal.com
2 connect.facebook.net thesource.com
connect.facebook.net
2 www.googletagmanager.com thesource.com
1 adscale-emea.adnxs.com 1 redirects
1 dis.criteo.com ih.adscale.de
1 rtb.adentifi.com ssum-sec.casalemedia.com
1 sync.srv.stackadapt.com 1 redirects
1 c1.adform.net ssum-sec.casalemedia.com
1 pixel-sync.sitescout.com 1 redirects
1 dsum.casalemedia.com ssum-sec.casalemedia.com
1 casale-match.dotomi.com 1 redirects
1 contextual.media.net live.primis.tech
1 cm.adgrx.com ssum-sec.casalemedia.com
1 beacon.lynx.cognitivlabs.com 1 redirects
1 bttrack.com ssum-sec.casalemedia.com
1 js.cookieless-data.com s.e-planning.net
1 b1sync.zemanta.com 1 redirects
1 c.bing.com eb2.3lift.com
1 px.ads.linkedin.com eb2.3lift.com
1 ad.mrtnsvr.com 1 redirects
1 bbnaut.ibillboard.com 1 redirects
1 id.rlcdn.com eus.rubiconproject.com
1 ads.yahoo.com eus.rubiconproject.com
1 tags.crwdcntrl.net s.e-planning.net
1 pixel-eu.rubiconproject.com eus.rubiconproject.com
1 ad.turn.com 1 redirects
1 sync.extend.tv 1 redirects
1 obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com 1 redirects
1 tags.bluekai.com spl.zeotap.com
1 usermatch.krxd.net 1 redirects
1 pixel.mathtag.com 1 redirects
1 aa.agkn.com 1 redirects
1 cms.analytics.yahoo.com 1 redirects
1 dmp.theadex.com spl.zeotap.com
1 dsp.adfarm1.adition.com 1 redirects
1 bn01.er.bemail.it 1 redirects
1 loadeu.exelator.com spl.zeotap.com
1 dmp.v.fwmrm.net spl.zeotap.com
1 trc.taboola.com spl.zeotap.com
1 dmp.adform.net spl.zeotap.com
1 i.e-planning.net ads.us.e-planning.net
1 secure-assets.rubiconproject.com 1 redirects
1 a.audrte.com ads.us.e-planning.net
1 rtb.openx.net ads.us.e-planning.net
1 loadm.exelator.com 1 redirects
1 cm.adform.net s.console.adtarget.com.tr
1 search.spotxchange.com live.primis.tech
1 prg.smartadserver.com live.primis.tech
1 hbopenbid.pubmatic.com live.primis.tech
1 ads.adaptv.advertising.com live.primis.tech
1 prebid.media.net live.primis.tech
1 primis-d.openx.net live.primis.tech
1 ads.stickyadstv.com live.primis.tech
1 csync.loopme.me 1 redirects
1 s.console.adtarget.com.tr live.primis.tech
1 adservice.google.de securepubads.g.doubleclick.net
1 img.onesignal.com thesource.com
1 prebid.a-mo.net hb-thesource.s3.us-east-2.amazonaws.com
1 tlx.3lift.com hb-thesource.s3.us-east-2.amazonaws.com
1 thesource2-d.openx.net hb-thesource.s3.us-east-2.amazonaws.com
1 exchange.postrelease.com hb-thesource.s3.us-east-2.amazonaws.com
1 ap.lijit.com hb-thesource.s3.us-east-2.amazonaws.com
1 syndication.twitter.com platform.twitter.com
1 rules.quantcount.com secure.quantserve.com
1 cdn-images.mailchimp.com thesource.com
1 secure.quantserve.com thesource.com
1 hb-thesource.s3.us-east-2.amazonaws.com thesource.com
0 tracking.m6r.eu Failed js.adscale.de
0 api.rlcdn.com Failed hb-thesource.s3.us-east-2.amazonaws.com
414 146

This site contains links to these domains. Also see Links.

Domain
bit.ly
streaming.thesource.com
thesource360.com
the-source-merch.myshopify.com
Subject Issuer Validity Valid
*.thesource.com
Go Daddy Secure Certificate Authority - G2		 2021-11-07 -
2022-10-16		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.s3.us-east-2.amazonaws.com
Amazon		 2021-12-17 -
2022-12-16		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
c.amazon-adsystem.com
Amazon		 2021-07-06 -
2022-06-27		 a year crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2021-11-23 -
2022-02-21		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-07-04 -
2022-07-03		 a year crt.sh
*.scorecardresearch.com
Amazon		 2022-01-29 -
2023-02-27		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.twimg.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-20 -
2022-10-19		 a year crt.sh
cdn-images.mailchimp.com
Amazon		 2021-07-21 -
2022-08-19		 a year crt.sh
syndication.twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-31 -
2022-10-30		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-03-30 -
2022-04-04		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2021-03-05 -
2022-02-19		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2021-03-11 -
2022-04-12		 a year crt.sh
*.postrelease.com
Amazon		 2021-12-28 -
2023-01-25		 a year crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.3lift.com
Amazon		 2021-06-12 -
2022-07-11		 a year crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-14 -
2022-04-06		 6 months crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.a-mo.net
R3		 2021-12-28 -
2022-03-28		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
primis.tech
Go Daddy Secure Certificate Authority - G2		 2021-10-29 -
2022-06-18		 8 months crt.sh
misc-sni.google.com
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2022-01-17 -
2022-04-11		 3 months crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
s.console.adtarget.com.tr
ZeroSSL ECC Domain Secure Site CA		 2022-01-28 -
2022-04-28		 3 months crt.sh
*.bidswitch.net
Sectigo RSA Domain Validation Secure Server CA		 2020-04-23 -
2022-05-04		 2 years crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
ads.stickyadstv.com
DigiCert SHA2 Secure Server CA		 2021-09-19 -
2022-09-20		 a year crt.sh
*.media.net
Sectigo RSA Domain Validation Secure Server CA		 2021-04-12 -
2022-05-05		 a year crt.sh
*.v.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2021-10-19 -
2022-04-13		 6 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.spotxchange.com
GeoTrust RSA CA 2018		 2021-03-10 -
2022-03-29		 a year crt.sh
sync.console.adtarget.com.tr
R3		 2022-01-27 -
2022-04-27		 3 months crt.sh
ads.us.e-planning.net
R3		 2021-12-17 -
2022-03-17		 3 months crt.sh
*.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-05-28 -
2022-06-15		 a year crt.sh
*.adscale.de
Amazon		 2021-08-08 -
2022-09-06		 a year crt.sh
*.audrte.com
Amazon		 2021-01-26 -
2022-02-24		 a year crt.sh
*.e-planning.net
R3		 2021-12-30 -
2022-03-30		 3 months crt.sh
i.e-planning.net
Sectigo RSA Domain Validation Secure Server CA		 2021-02-03 -
2022-03-06		 a year crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.v.fwmrm.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-29 -
2022-12-30		 a year crt.sh
*.exelator.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-06-07		 a year crt.sh
*.tapad.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-13 -
2022-10-14		 a year crt.sh
*.theadex.com
AlphaSSL CA - SHA256 - G2		 2021-10-01 -
2022-11-02		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-03 -
2022-11-02		 a year crt.sh
*.richaudience.com
RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1		 2021-03-17 -
2022-03-16		 a year crt.sh
*.everesttech.net
GlobalSign Atlas R3 DV TLS CA 2022 Q1		 2022-02-03 -
2023-03-07		 a year crt.sh
odc-pixel-prod-01.oracle.com
DigiCert SHA2 Secure Server CA		 2021-11-24 -
2022-04-26		 5 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2021-03-18 -
2022-04-19		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
cdn.adnxs.com
GeoTrust RSA CA 2018		 2021-12-10 -
2022-12-09		 a year crt.sh
*.crwdcntrl.net
Go Daddy Secure Certificate Authority - G2		 2021-04-29 -
2022-05-31		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
www.linkedin.com
DigiCert SHA2 Secure Server CA		 2021-12-06 -
2022-06-06		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 01		 2021-12-22 -
2022-06-22		 6 months crt.sh
js.cookieless-data.com
R3		 2021-12-08 -
2022-03-08		 3 months crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-11 -
2022-07-06		 6 months crt.sh
*.bttrack.com
Sectigo RSA Domain Validation Secure Server CA		 2021-03-29 -
2022-03-29		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2021-02-24 -
2022-03-26		 a year crt.sh
adentifi.com
Amazon		 2021-09-04 -
2022-10-03		 a year crt.sh
um3.eqads.com
Amazon		 2021-06-26 -
2022-07-25		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-02-04 -
2022-05-03		 3 months crt.sh

This page contains 55 frames:

Primary Page: https://thesource.com/
Frame ID: E429072FDCBB199AF7FF8823592519CA
Requests: 140 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fthesource.com
Frame ID: A427CCFD53510C2544DC6E297CFAD97B
Requests: 2 HTTP requests in this frame

Frame: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 818E1CB94CF4695840829364C8590A97
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 45E7123D2ADD546CB69328BB39D0F34F
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 90B5B630F7F916074037CC94EFA887B0
Requests: 2 HTTP requests in this frame

Frame: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: A7F7D5DEA2433C518F923B6FF52CB12F
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstm1a66A4gzynga9WQv9AxpTyzt9ib0aCN4AYPDpAxrQAWmMZNuq2hPdORhFnBW8A3x8ncPuXnHlk6pD7bBsGNWDykEH3yLkbmQsg2oqXEtfBg3vMktg1i-3M9l7pKsGP5QMRx44rBDpQCI5WvJDd_yzmXD9VcpQpT7uAmVI59BuXR8rfGxrR8N7Ycl-QIhIV3fUe0OAu571lvOs0SSMSmUvFZ-Z6T6ipk_iT9OcCHhkNI5F1pHNRi2iF9rKU9_Q2JsLD_H4x9bN4x0IoccPKCXvtqnNcNHEeNAdubFBAHn24eRYVo8S4tusNs_uRaVT1M&sai=AMfl-YSRAaz2i_26VDi6zjhBQ0bNHlHC6ysXzC0xcbW-OPB1sBRGw6Qwfwjd2R6a7lJz-bNNn72Y9DDtGNXyjpfL-70EbvooduGsYd_IG-4al6JkOpEGgAoxdafj1kUFR4E&sig=Cg0ArKJSzLlmDPOw6fstEAE&uach_m=[UACH]&urlfix=1&adurl=
Frame ID: A1B8FD9946DE5ADDBFBF28DDB010ED6A
Requests: 45 HTTP requests in this frame

Frame: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 408946E3FB5C88BEA70D974F214E692D
Requests: 12 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Frame ID: 59BD1EA911B0802A2247699FFC24A62C
Requests: 11 HTTP requests in this frame

Frame: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 057BD0F0EFC17DD14B808C7F4A92F3BE
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLfCtLsBMAE&v=APEucNWi1WUBiisEXy-FssKMkksYGsLr8LA11xuibKP-O5qHMkqnrWNcbosOU7Tc1BLSGNDmuNnNPcYWUlXoSI3jwGUbtU1V2jbJPdRIyu53Gqw4-uZdBZI_YJ84Qbd_xtlFwF16uIf9LKzuL1MZhbnOMuM6-XpvliYijLAXw6fuZI77PfXcVpE
Frame ID: 42F60C8B29639C42B02C6B5D2E9C8CF1
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGITLtLsBMAE&v=APEucNXCPco2aaaJl9_K6Ai5zoFE7m9BlVx9MmtrpWRtudd9nyOLXrv5yn4eMM9_DKo_v55hFQ-emN8kpMfEJwVZ8_eMbL1rdAuMd5WDEs7CxC8s3q1gD7HA_q6wyuLFZEIoMwSNmApEIufrugoWbVUh4zg-kkb3sDjBP-31XXC9XdiMWPKQf5g
Frame ID: E881798BE88C7AE83979C66D69EC07C0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 97D950941AB6356C37494F6FE8A9E296
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 7FAB322981A0581FC5B0B757AEA1DA86
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: A1536E8112EADA01755699AF6E694886
Requests: 3 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Roboto&display=swap
Frame ID: 707827C9C37B43A473A17F14B8EDBAAB
Requests: 7 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Frame ID: 81254F0F89361620295B8520A5CDEFE3
Requests: 2 HTTP requests in this frame

Frame: https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=94&advUuid=9f45b308-8d5c-11ec-a92a-10b91cd50206
Frame ID: DF1102F8C56D755BA096840E8EC031F5
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D98%26advUuid%3D
Frame ID: 98F869F7F49FD3CD87B3D3FF134C2DDA
Requests: 1 HTTP requests in this frame

Frame: https://s.console.adtarget.com.tr/sync.html?aid=556966
Frame ID: C3BDCCD8E71314DBA868B22D95A0F2B7
Requests: 3 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Frame ID: 9DFB79CAE5CC49DC702B9E4A225D57C9
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Frame ID: 4C9790A6D016647F9B727F87FEA7D627
Requests: 1 HTTP requests in this frame

Frame: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Frame ID: 2A6B560D4D1CB01974113DE1C629A301
Requests: 8 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Frame ID: 89CEE7DCF6D7105568F3C33ED8BFAA85
Requests: 1 HTTP requests in this frame

Frame: https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Frame ID: 84FE2667561652053550C77B26F8D47D
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Frame ID: E3B3A8D979580B66912FC3C2A95C3E87
Requests: 1 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FnRwMWzVlB0zfyei7KwG&pi=admatic&tc=1
Frame ID: 247804CAF28C08D2E6A590983A8E9AFB
Requests: 1 HTTP requests in this frame

Frame: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Frame ID: D0697F47EF1B9C44251D2D419744BB17
Requests: 5 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Frame ID: AAB72297799E647B9572A26B58ED533C
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Frame ID: 38291FC88ABBCB1AE9121D84FC3CAEB8
Requests: 11 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dd908aed30d4513ef%26uid%3D
Frame ID: 594F752394C02855D66450809A6BC900
Requests: 1 HTTP requests in this frame

Frame: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Frame ID: FE66F6AEDAD927C36BD82CFDAA577980
Requests: 10 HTTP requests in this frame

Frame: https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Frame ID: E2781ADA8846AD91CE3003056CC209A0
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Frame ID: 588EE6426B8DAF0666B947272DF02E8A
Requests: 1 HTTP requests in this frame

Frame: https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361&cmp=0
Frame ID: B23CBDE7B0FAD2F3B9CE9CF7D44AEB8B
Requests: 30 HTTP requests in this frame

Frame: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Frame ID: E04552099F4239FC18A5C0B67EF23D2E
Requests: 10 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: B06B57EB0E2D4C9B9A6DCF5CEF57416D
Requests: 3 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: BC003BBDB023BA8B6DD87E4CAB26A88B
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: FF6A0A49505D9516CF00548E81D0635B
Requests: 1 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd
Frame ID: 0968CD8CF1588B1A6BB5A69C0FCB1234
Requests: 1 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1644818948346
Frame ID: 22BF5DBE0D5672F19C530DE5E71D7725
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html
Frame ID: CFEF3362E411CB58EC10CE8B0288B992
Requests: 2 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.498.1_en.html
Frame ID: 47750DA5C3C89A6F85D4B90CBB3FF380
Requests: 3 HTTP requests in this frame

Frame: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Frame ID: 2F2295E8858E75A8036DECE2211FAFA8
Requests: 2 HTTP requests in this frame

Frame: https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AIBmG0l3I1jSJ6Rb
Frame ID: 7C73DA8C810EB32BE82668FB9B725EEC
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Frame ID: FF873A2EADFB9D25F6B53692392DC4AF
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 94A61736C9DB5AA1353252FABFDCC5BA
Requests: 10 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Frame ID: D5E090312618718A4A3406CFA1322516
Requests: 2 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 7E75B7E6BE8788F0C9E71623A18079A1
Requests: 3 HTTP requests in this frame

Frame: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Frame ID: 8A622FA156C0B89A2178782B4BC5F4BC
Requests: 1 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 519C3C728868A129E11DDF57F7AC8B9A
Requests: 1 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C2028%2C157%2C2027%2C2026%2C159%2C2025%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C201%2C4%2C2037%2C203%2C126%2C226%2C80%2C10000%2C9%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Frame ID: A989F5F00FE91041E48D8D4F4B8C7181
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Frame ID: AFA39BC7AA3224666AFBABBEB2807CB4
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: 1041E87870DD523C27B68C697B343359
Requests: 9 HTTP requests in this frame

Frame: https://um2.eqads.com/um/cs&eq_cc=1
Frame ID: 6050F6FDCD32221BC95FCC5DAC0FD3EC
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

The Source - The Magazine of Hip Hop Music,Culture and Politics

Page URL History Show full URLs

  1. http://thesource.com/ HTTP 301
    https://thesource.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
  • wp-embed\.min\.js\?ver=([\d.]+)
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • tpc\.googlesyndication\.com/safeframe
Overall confidence: 100%
Detected patterns
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
  • 2mdn\.net
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • cdn-images\.mailchimp\.com/[^>]*\.css
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • cdn\.onesignal\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • (?:/([\d.]+))?/slick(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • //platform\.twitter\.com/widgets\.js
Overall confidence: 100%
Detected patterns
  • <iframe[^>]* (?:id="comscore"|scr=[^>]+comscore)|\.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

414
Requests

84 %
HTTPS

27 %
IPv6

88
Domains

146
Subdomains

106
IPs

11
Countries

6469 kB
Transfer

12236 kB
Size

89
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://thesource.com/ HTTP 301
    https://thesource.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 73
  • https://sb.scorecardresearch.com/b?c1=2&c2=34210833&ns__t=1644818947475&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Fthesource.com%2F&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=34210833&ns__t=1644818947475&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Fthesource.com%2F&c9=
Request Chain 199
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 201
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
Request Chain 202
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgnyBJBcyJc9noldbsjVywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
Request Chain 203
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDBiMyii-inLK2rz2tCokmU&google_cver=1
Request Chain 204
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1MTIxNTIwOTM1NTcwOTk%3D
Request Chain 205
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
Request Chain 206
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgnyBJBcyJc9noldbsjVywAA HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
Request Chain 207
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDBiMyii-inLK2rz2tCokmU&google_cver=1
Request Chain 208
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxNDI5NDc5NjEyMjA1MTM5Mg%3D%3D
Request Chain 211
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 219
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID HTTP 302
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D94%26advUuid%3D%24SPOTX_USER_ID&__user_check__=1&sync_id=9f45b357-8d5c-11ec-a92a-10b91cd50206 HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=94&advUuid=9f45b308-8d5c-11ec-a92a-10b91cd50206
Request Chain 232
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D HTTP 307
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=93&advUuid=e069e9cf-ad40-407f-b6d5-38007c72d9c9
Request Chain 233
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D99%26advUuid%3D HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=99&advUuid=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB
Request Chain 234
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServlet%253Fat%253D20%2526mi%253D10%2526dpi%253D259151345%2526pcid%253D%24UID%26advId%3D121%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D4442326126424788785380&advId=121&advUuid=4442326126424788785380
Request Chain 236
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D105%26advUuid%3D%24UID HTTP 302
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=105&advUuid=50512152093557099
Request Chain 258
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID HTTP 302
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Request Chain 262
  • https://creativecdn.com/cm-notify?pi=admatic HTTP 302
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1 HTTP 302
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FnRwMWzVlB0zfyei7KwG&pi=admatic&tc=1
Request Chain 268
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd908aed30d4513ef HTTP 302
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd908aed30d4513ef HTTP 302
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3Db0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348%26partner_url%3Dhttps%253A%252F%252Fu-ams02.e-planning.net%252Fum%253Fuid%253Db0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348%2526dc%253D0abbcb4eba840e59%2526fi%253Dd908aed30d4513ef HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Db0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348%26dc%3D0abbcb4eba840e59%26fi%3Dd908aed30d4513ef HTTP 302
  • https://u-ams02.e-planning.net/um?uid=b0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348&dc=0abbcb4eba840e59&fi=d908aed30d4513ef
Request Chain 272
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dd908aed30d4513ef HTTP 302
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Request Chain 273
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dd908aed30d4513ef%26uid%3D%24UID HTTP 302
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d908aed30d4513ef&uid=50512152093557099
Request Chain 274
  • https://ih.adscale.de/uu?cbfn=receive&t=1644818951 HTTP 302
  • https://ih.adscale.de/uu?cbfn=receive&t=1644818951&nut&uu=5846078ef9854425afe37b8a2466bf05
Request Chain 275
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu HTTP 301
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Request Chain 289
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=db1a488b-5632-49fd-ba23-5b11149174e1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 291
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=0198e94a-860a-47fd-939b-7dbd9121fbdd&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 295
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361 HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361&s_h=1 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=a47d662d-d462-4880-92e1-3a2d54e1cde5&zpartnerid=317&gdpr=1&gdpr_consent=
Request Chain 296
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a7d0e044-c12d-4eca-408f-689f066ba20a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a7d0e044-c12d-4eca-408f-689f066ba20a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=04426606487396862351521073587310657736&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 298
  • https://bn01.er.bemail.it/zeotap.php?_bid=a7d0e044-c12d-4eca-408f-689f066ba20a&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022021407-32186-0.141778001644818950-b6c10362ecc5d58f057770fb35c346ff&zdid=533&env=mWeb
Request Chain 299
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=7064443593810180246&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 301
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a7d0e044-c12d-4eca-408f-689f066ba20a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a7d0e044-c12d-4eca-408f-689f066ba20a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361&bounce=1&random=1137467074 HTTP 302
  • https://mwzeom.zeotap.com/mw?webouuid=gAqgh.5uSItXUp7RSBwDZ.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 303
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a7d0e044-c12d-4eca-408f-689f066ba20a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361 HTTP 302
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a7d0e044-c12d-4eca-408f-689f066ba20a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?pid=b1de5e0acbc9c91360d3219971e8fde5&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 304
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=y-UNCKZtdE2orQLc9pbZqW3HbdLlNDv.dZeg--~A&zpartnerid=570&env=mWeb
Request Chain 305
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ChKoyJk2pBmEv4ivxVONzm8wzGEgeITC%2BS41iYitP1U%3D
Request Chain 309
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?cid=11bb6209-f206-4f00-b14b-a3aee7b8ab78&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 310
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 311
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7d0e044-c12d-4eca-408f-689f066ba20a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7d0e044-c12d-4eca-408f-689f066ba20a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361&dcc=t
Request Chain 313
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361 HTTP 302
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Request Chain 323
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB&dcc=t
Request Chain 325
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=920cd561-abbd-47f1-885f-bcaae4b0e88d
Request Chain 326
  • https://ad.turn.com/r/cs?pid=21&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9033136977621647392
Request Chain 328
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ndGWos3RlqmG0ceum4GLq8jaxaiG05Osz9dQ5Tng
Request Chain 345
  • https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNkN2ZiZDY4Y2E2ZmE3NzZhYzUxMzRiZmQ3MTMzYWExYmQ0YjAwNw
Request Chain 346
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/8XBKtYhKU0b3Um3jb4Deqcn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7027309189656695243
Request Chain 347
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=aa056209-f206-4f00-94dc-7a4c159709e4
Request Chain 349
  • https://token.rubiconproject.com/token?pid=25470 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pNQVFEVVctMVctODg2TQ==
Request Chain 350
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFnRLwNHRfKyknlht668x2A&google_cver=1
Request Chain 351
  • https://token.rubiconproject.com/token?pid=26594 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZMAQDUW-1W-886M&sigv=1&esig=2~a20d414419d7d01516365cccfe4f4a9cf3944a6b
Request Chain 354
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5846078ef9854425afe37b8a2466bf05&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg%3Ftpid%3D101%26tpuid%3DIBB_USER_ID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=101&tpuid=BBID-01-03195329503556354-16525656
Request Chain 356
  • https://ad.mrtnsvr.com/sync/triplelift HTTP 302
  • https://eb2.3lift.com/xuidmid=7976&xuid=3tj6fyN4M&dongle=u6nf
Request Chain 358
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ0MjMyNjEyNjQyNDc4ODc4NTM4MA%3D%3D
Request Chain 360
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4442326126424788785380?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-VpKhjFpE2oSZlCv8n9aa251Kd8R5Mmx1FxKi09cfyg--~A&dongle=0883
Request Chain 362
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4442326126424788785380 HTTP 302
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4442326126424788785380&dcc=t
Request Chain 364
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Request Chain 375
  • https://beacon.lynx.cognitivlabs.com/ix.gif HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=92644fdd-86b8-4db9-9ec4-c87fb091d6db&expiration=1676354950
Request Chain 376
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=1&gdpr_consent=
Request Chain 380
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=ed92124e089b848d3fc99d5219dc5394ae24ca645617d2757eb9caac02186bf2&tpid=63&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgnyBJBcyJc9noldbsjVywAA%26320
Request Chain 387
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=0198e94a-860a-47fd-939b-7dbd9121fbdd&_origin=1&gdpr=1&gdpr_consent=
Request Chain 388
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPa057d0b4-8d5c-11ec-be84-062baae1108c HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBhMDU3ZDBiNC04ZDVjLTExZWMtYmU4NC0wNjJiYWFlMTEwOGM%3D HTTP 302
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFOYy5yesQ6wk6KGISpkXwk&google_cver=1 HTTP 302
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFOYy5yesQ6wk6KGISpkXwk&google_cver=1&apid=UPa057d0b4-8d5c-11ec-be84-062baae1108c
Request Chain 389
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_test=YgnyBgAGFiWWdQBB HTTP 302
  • https://pixel.advertising.com/ups/55986/sync?uid=YgnyBgAGFiWWdQBB&_origin=0&gdpr=1&gdpr_consent=&_test=YgnyBgAGFiWWdQBB
Request Chain 390
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent= HTTP 302
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=ede99e97584b9cdf305a862519a5d7a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7buser.id%7d&gdpr=1&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e4cf4_7064443598091343767 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZWRlOTllOTc1ODRiOWNkZjMwNWE4NjI1MTlhNWQ3YQ==&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOyDSzs4gVfidKv1d8PuTRk&google_cver=1&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0198e94a-860a-47fd-939b-7dbd9121fbdd HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/ede99e97584b9cdf305a862519a5d7a?gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-.OtWo0dE2oPGNbywn.ZcvRjZodmgTQWTpgkf92x8~A HTTP 302
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=50512152093557099 HTTP 302
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=0&gdpr_consent= HTTP 302
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YgnyBgAGFiWWdQBB&gdpr=0&gdpr_consent= HTTP 302
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent= HTTP 302
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2635539841690771505 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
Request Chain 391
  • https://track.adform.net/serving/cookie/match/?party=9&uid=41cc209823aaa6f2b42897fc45da4f3c04ad33c2f05e3bb5d40840312a2fb366&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg&gdpr=0 HTTP 302
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=41cc209823aaa6f2b42897fc45da4f3c04ad33c2f05e3bb5d40840312a2fb366&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=42&gdpr=0&tpuid=2635539841690771505
Request Chain 396
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1 HTTP 302
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644905351&gdpr=1
Request Chain 397
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1 HTTP 302
  • https://um.simpli.fi/no_match_opted_out
Request Chain 398
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647410951
Request Chain 401
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=8xNPVdybRFxNW9O6bePKlVLHgic
Request Chain 404
  • https://um2.eqads.com/um/cs HTTP 302
  • https://um2.eqads.com/um/cs&eq_cc=1
Request Chain 409
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=6970439cd5041777424e3631a2b4510d7fd108723c27a4c9747f8bd844ebb810&tpid=39&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=0&gdpr_consent=
Request Chain 411
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=f27533058903c1ca36aa42bc2e494008246ddaab09b02d4e2d9cf731a8fb2e00&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?uid=f27533058903c1ca36aa42bc2e494008246ddaab09b02d4e2d9cf731a8fb2e00&tpid=38&gdpr=0&tpuid=CAESEAiHPIt9FFXlS-sOdjtcxFA&google_cver=1
Request Chain 413
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0 HTTP 302
  • https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=75&tpuid=50512152093557099&gdpr=0

414 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
thesource.com/
Redirect Chain
  • http://thesource.com/
  • https://thesource.com/
228 KB
49 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
a03201084a29d37b3135d1075cd471bf923b06f7be56fe65c094f15a86d50025
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9

Response headers

server
nginx
date
Mon, 14 Feb 2022 06:09:04 GMT
content-type
text/html; charset=UTF-8
x-sucuri-id
15017
x-xss-protection
1; mode=block
x-frame-options
SAMEORIGIN
x-content-type-options
nosniff
content-security-policy
upgrade-insecure-requests;
expires
Thu, 19 Nov 1981 08:52:00 GMT
cache-control
no-store, no-cache, must-revalidate
pragma
no-cache
link
<https://thesource.com/wp-json/>; rel="https://api.w.org/"
content-encoding
gzip
vary
Accept-Encoding,User-Agent
referrer-policy
no-referrer-when-downgrade
x-sucuri-cache
MISS

Redirect headers

Server
Sucuri/Cloudproxy
Date
Mon, 14 Feb 2022 06:09:04 GMT
Content-Type
text/html; charset=iso-8859-1
Content-Length
230
Connection
keep-alive
X-Sucuri-ID
15017
X-XSS-Protection
1; mode=block
X-Frame-Options
SAMEORIGIN
X-Content-Type-Options
nosniff
Content-Security-Policy
upgrade-insecure-requests;
Location
https://thesource.com/
Cache-Control
max-age=3600
Expires
Mon, 14 Feb 2022 06:17:08 GMT
X-Sucuri-Cache
HIT
gpt.js
www.googletagservices.com/tag/js/ 		80 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4ae689a5b37c61962b7f8702568778b5fe5afa464b5d7e21646cd6e75cdd0153
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
27131
x-xss-protection
0
server
sffe
etag
"1131 / 488 of 1000 / last-modified: 1644620882"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 14 Feb 2022 06:09:05 GMT
prebid.js
hb-thesource.s3.us-east-2.amazonaws.com/new/ 		296 KB
296 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.219.176.194 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-r-w.us-east-2.amazonaws.com
Software
AmazonS3 /
Resource Hash
35b6aef10001dec819bbc017247ba85861a1b9f9cfcc0ded5030bc2ae15dee23

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:06 GMT
Last-Modified
Mon, 10 Jan 2022 06:51:39 GMT
Server
AmazonS3
x-amz-request-id
47NET7H9HD21K1MN
ETag
"82cd0b219e96da39aad22e832f376d05"
Content-Type
application/javascript
Cache-Control
max-age=2592000,public
Accept-Ranges
bytes
Content-Length
302788
x-amz-id-2
X8QpdYRbNIeSTmseV7qjqihB7zXPStCyKF/HHEN2Vedtiz+XQ6Wd/qgVArwskABuxvlG3kyHgYY=
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-63798235-1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0a060b40cf3490985d1359f6e5a13cefbfd4f6454484c715f72bf3ab93748c55
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36179
x-xss-protection
0
expires
Mon, 14 Feb 2022 06:09:05 GMT
sfm_style.css
thesource.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/ 		15 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/sfm_style.css?ver=5.6.7
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
dbe1bae9ac7d036a9652e5b014e300eb127e176460b1a9c5ac2db778e899b97a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3184
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:19:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24c1074-3ad3-5bb344152cb88-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
sfm_widgetStyle.css
thesource.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/ 		1004 B
792 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/feedburner-alternative-and-rss-redirect/css/sfm_widgetStyle.css?ver=5.6.7
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
1c5e854ffb860ade7b6e01352612340dd82858360c56bec6af9e12acc924b538
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
378
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:19:52 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24c1073-3ec-5bb344152cb88-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style.min.css
thesource.com/wp-includes/css/dist/block-library/ 		50 KB
8 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/css/dist/block-library/style.min.css?ver=5.6.7
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7849
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 23 Feb 2021 02:49:53 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425684-c88a-5bbf7f90a8b15-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
gutenslider-blocks.style.build.css
thesource.com/wp-content/plugins/gutenslider/dist/ 		32 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/gutenslider/dist/gutenslider-blocks.style.build.css?ver=1611875587
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0060af55b40b80f184a0e97d6d426a78b4662c10830484105a91d1b10f94f3c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3484
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jan 2021 23:13:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2480be9-7e66-5b9fe07ca38c8-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
dashicons.min.css
thesource.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/css/dashicons.min.css?ver=5.6.7
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
35730
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 15 Apr 2021 18:49:47 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425739-e688-5c00753db6814-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
cursor.css
thesource.com/wp-content/plugins/animated-typing-effect/assets/css/ 		476 B
562 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/animated-typing-effect/assets/css/cursor.css?ver=5.6.7
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
a8f0cdba9af9734e31aa748a0953c3fd806d5ea2aa37d9bfebe494cd7f707ae6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
147
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:20:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2860d2e-1dc-5bb3443fe6988-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
codeboxrflexiblecountdown-public.css
thesource.com/wp-content/plugins/codeboxrflexiblecountdown/assets/css/ 		14 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/codeboxrflexiblecountdown/assets/css/codeboxrflexiblecountdown-public.css?ver=1.8.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
b55bb81e3860986b9367a08c2d606ccce55724e6b3e72b983047da6d107f9758
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1418
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Sep 2020 21:34:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1aa073a-3765-5afd99c62b211-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
styles.css
thesource.com/wp-content/plugins/contact-form-7/includes/css/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=5.3.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
730
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 26 Dec 2020 23:26:34 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1aa01e4-780-5b7665f2942a0-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
morph.css
thesource.com/wp-content/plugins/morph-by-bonfire/ 		37 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/morph.css?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
2259195eb1777a95ed2cf096f110800af53b0168aecd81673fb2a09802b0b364
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6102
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d8-925b-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		4 KB
691 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&ver=1.0.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 05:23:08 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Feb 2022 06:09:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Feb 2022 06:09:05 GMT
font-awesome.min.css
thesource.com/wp-content/plugins/morph-by-bonfire/fonts/font-awesome/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/fonts/font-awesome/css/font-awesome.min.css?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7053
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600c7-7918-5b911920d104f-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.css
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		2 KB
985 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
9f758ba27f5e68c0c2af1d56b729721d0bdd8a6235637c567043ab22e1eb29ea
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
570
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"288158d-62b-5bb3445c8dcee-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
recent-post-style.css
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		15 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
31197c647656a22836cab642095b18602ae852b7a291188d677a0b4eea5a35e8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2436
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2881590-3aa5-5bb3445c8dcee-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.min.css
thesource.com/wp-content/plugins/google-analytics-premium/assets/css/ 		36 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/google-analytics-premium/assets/css/frontend.min.css?ver=7.16.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
d98d7bdfe0f9ac78ec9ab3274b04e5663ef132767c4014ca899c820634b3f204
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2914
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Mar 2021 05:42:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"292047f-8f1f-5bcaf6e847163-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
style-1020px.css
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/ 		208 KB
30 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/style-1020px.css?ver=5.1.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0f63aebd33fe2858a5adc1469a271140e176e701fad42c8db359c5e7e77aee59
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
30740
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e407dd-34125-5a70e0d826ac2-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic%7CKarla%3A400%2C700%2C400italic&subset=greek%2Cgreek-ext&ver=5.1.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8081f8fe11910043503ca0df22cde91420a8ca7a04af9fd0d0ad823795f59d93
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 06:08:25 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Feb 2022 06:09:05 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Feb 2022 06:09:05 GMT
font-awesome.min.css
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/css/ 		23 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/css/font-awesome.min.css?ver=4.3.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5443
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e407f2-5cbb-5a70e0d826ac2-gzip"
vary
Accept-Encoding,User-Agent
content-type
text/css
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend-gtag.min.js
thesource.com/wp-content/plugins/google-analytics-premium/assets/js/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/google-analytics-premium/assets/js/frontend-gtag.min.js?ver=7.16.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
4da93c4c460686e5b52aebf600360f6aa476d4953fd1194010f1918ad6907308
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
2796
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Mar 2021 05:42:23 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"29204bf-23c0-5bcaf6e848104-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.min.js
thesource.com/wp-includes/js/jquery/ 		87 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:04 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
30916
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Dec 2020 02:42:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"15419fd-15d98-5b663986e5ab1-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery-migrate.min.js
thesource.com/wp-includes/js/jquery/ 		11 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4169
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 14 Dec 2020 02:42:38 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425c99-2bd8-5b663986e5ab1-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
free-comments-for-wordpress-vuukle-public-count.js
thesource.com/wp-content/plugins/free-comments-for-wordpress-vuukle/public/js/ 		2 KB
981 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/free-comments-for-wordpress-vuukle/public/js/free-comments-for-wordpress-vuukle-public-count.js?ver=5.0.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
ffa57da7c3e9c28afcc94b7ccb306dbe4f68b231ac60cb2a61916628f08d7371
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
556
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 08 Nov 2021 12:15:22 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1a22c99-663-5d045f277cd0d-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
morph-accordion.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		2 KB
930 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/morph-accordion.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
1b4d9184b3010223e94829223441cd37e850f296f893982756a478a736b590a3
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
505
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d7-65a-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
modernizr.custom.min.js
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/modernizr.custom.min.js?ver=2.6.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
6221
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e40839-3b16-5a70e0d827a63-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding
gzip
etag
c1da564f59b83b9805e8df92eca012f5
age
125
x-cache
Hit from cloudfront
server
Server
x-amz-rid
167D0800X4M2C73S86V4
date
Mon, 14 Feb 2022 06:07:03 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
hu3rbX3X_iNGDXbrAiYwxCeuHW0kqhPnf44BfQpcTwWDkPQmfTtp4g==
sdk.js
connect.facebook.net/en_US/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
9f8e04713ca1fa3b1f8f9286db8bd1e4e6d992c106da0fbcce5bccc2c45b1c2c
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
lp+zs4HAfvYZ/885awkSyA==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Mon, 14 Feb 2022 06:16:20 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
1688
x-fb-rlafr
0
x-fb-debug
TBCRawfjiE10x8hHa9UvbNqvyYXAL+5p5irRF7LYI4LwoBVNSwv3yFnFcO8aYLjsWaY5x2r/volMJN34m/YlIA==
x-fb-trip-id
686109401
x-fb-content-md5
86a3a5eb657b0c09928d27ab781e9499
cross-origin-opener-policy
same-origin-allow-popups
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
date
Mon, 14 Feb 2022 06:09:05 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=1200,stale-while-revalidate=3600
etag
"7bc6ea8884709169849254a6062bfdea"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
source_logo_.svg
thesource.com/ 		3 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/source_logo_.svg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
7c000e1bbe3d84a70b062afb26a85fee789771b492d23c40c7be77a8cdaf84cf
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
1390
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
etag
"14200e8-d75-598cf3a31057c-gzip"
vary
Accept-Encoding,User-Agent
content-type
image/svg+xml
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
tumblr_0c3aca22a1bb671bf1204c5a28f04a4c_93ff5456_1280.png
thesource.com/wp-content/uploads/2022/02/ 		975 KB
977 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2022/02/tumblr_0c3aca22a1bb671bf1204c5a28f04a4c_93ff5456_1280.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
b7ffdc1ff68534ae1d2cb257a9ee406919fe3df5815ba0648aae5a207d0a9b6e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
998705
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 13 Feb 2022 17:27:20 GMT
server
nginx
etag
"1782358-f3d31-5d7e99cbe53e8"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
willow.jpeg
thesource.com/wp-content/uploads/2022/02/ 		108 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2022/02/willow.jpeg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
089a9da68c8cd212d3a613e2d231d7dcbf8fffbf76455e1aed9009493c14356a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
110375
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 13 Feb 2022 13:26:23 GMT
server
nginx
etag
"1782900-1af27-5d7e63f0b0dbd"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Dave-Chappelle.jpg
thesource.com/wp-content/uploads/2017/12/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2017/12/Dave-Chappelle.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
cb14d1c46e0612c497ae1dd8cf73388e23ac177bb1590567d7fd0774996b14f7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
75172
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Nov 2019 22:07:32 GMT
server
nginx
etag
"17018f3-125a4-597a62ca0a041"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
NickiMinaj-Bussin-e1644733277568.jpg
thesource.com/wp-content/uploads/2022/02/ 		129 KB
130 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2022/02/NickiMinaj-Bussin-e1644733277568.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
d42aa6ba62ae59850964fe93492f8517856bcdcc15df7302451bacb02efcadf1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
132197
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 13 Feb 2022 06:21:17 GMT
server
nginx
etag
"1780c2e-20465-5d7e04ec2d17a"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Nipsey-Hussle.jpg
thesource.com/wp-content/uploads/2019/04/ 		61 KB
62 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2019/04/Nipsey-Hussle.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
429a3794e6f69cb61f02e11ff0fa8a5a8377f2f17e05f624b698f3ea7dbec5bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
62901
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Nov 2019 22:07:51 GMT
server
nginx
etag
"17c55a6-f5b5-597a62dc15549"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Bronx-Experiences-Second-Fire-in-Less-Than-a-Week.jpeg
thesource.com/wp-content/uploads/2018/01/ 		170 KB
171 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2018/01/Bronx-Experiences-Second-Fire-in-Less-Than-a-Week.jpeg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
c67f5bb8887d54078f43337b13dab3899d27645de626aaf66188891c2678b157
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
174120
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Nov 2019 22:07:27 GMT
server
nginx
etag
"16e5ccb-2a828-597a62c57cee6"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Wendy-Williams-Recalls-the-Time-Diddy-Sent-Total-to-Beat-her-Up-at-Hot-97.jpg
thesource.com/wp-content/uploads/2019/10/ 		107 KB
108 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2019/10/Wendy-Williams-Recalls-the-Time-Diddy-Sent-Total-to-Beat-her-Up-at-Hot-97.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
79d7087780c392f3f8ec4c717f2a6d97b6d3bb47f3c287eb0947c52722da07ee
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
109620
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 21 Nov 2019 06:27:57 GMT
server
nginx
etag
"17c3bc1-1ac34-597d565f221f3"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
TheSource-scaled.jpg
thesource.com/wp-content/uploads/2021/02/ 		79 KB
80 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/02/TheSource-scaled.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
91937d656c2490512dc253c12ca1119bb6612654aff5cdf93d857db973fbc0bd
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
81236
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Feb 2021 20:33:56 GMT
server
nginx
etag
"1844291-13d54-5bbf2b8950b3d"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
TSSDownload.jpg
thesource.com/wp-content/uploads/2021/02/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/02/TSSDownload.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
cb6c93ae56be1b80e9734a2e323c1f081735f4ae7ddc2f99b24ce7dba15b2364
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
135121
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 22 Feb 2021 20:42:53 GMT
server
nginx
etag
"18442a8-20fd1-5bbf2d898d441"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
slick.min.js
thesource.com/wp-content/plugins/gutenslider/src/vendor/slick/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/gutenslider/src/vendor/slick/slick.min.js?ver=1611875587
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
10442
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jan 2021 23:13:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2480bf9-a76f-5b9fe07ca4868-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
gutenslider.js
thesource.com/wp-content/plugins/gutenslider/dist/ 		13 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/gutenslider/dist/gutenslider.js?ver=1611875587
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
00bcc95e057fdbf8afa5fa49ef756cc654084b619188c64f0249064b141b8ffb
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3674
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 28 Jan 2021 23:13:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2480be7-3411-5b9fe07ca38c8-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
typed.js
thesource.com/wp-content/plugins/typing-animation-block/vendor/ 		32 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/typing-animation-block/vendor/typed.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
bc91070943a905f7972cf01972b38c24d80edf9c789eeaeb348fb6ee1a9e0da0
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
7296
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"28c0a3d-8039-5bb3447193d41-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
frontend.js
thesource.com/wp-content/plugins/typing-animation-block/src/ 		852 B
918 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/typing-animation-block/src/frontend.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
bd45626491501bb2353467354cafb6c8256e75252c036050282ee97fae6709f2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
492
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"28c0a4c-354-5bb3447193d41-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
typed.js
thesource.com/wp-content/plugins/animated-typing-effect/assets/js/ 		15 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/animated-typing-effect/assets/js/typed.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
561cee3ce7c56f84f342daeef6d3be53a01f09375f48f915b006779a62852dc2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4136
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:20:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2860d39-3cff-5bb3443fe6988-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
typed.fe.js
thesource.com/wp-content/plugins/animated-typing-effect/assets/js/ 		729 B
787 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/animated-typing-effect/assets/js/typed.fe.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
65fde5fc0a0151d33bea0bfc69398048f6037da276705d396761015b31ccba84
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
361
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:20:36 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2860d36-2d9-5bb3443fe6988-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
codeboxrflexiblecountdown-public.js
thesource.com/wp-content/plugins/codeboxrflexiblecountdown/assets/js/ 		126 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/codeboxrflexiblecountdown/assets/js/codeboxrflexiblecountdown-public.js?ver=1.8.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
59545507a40fa184e27f685a5448e2094a921c354e35ba46ca778ea64ac88944
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
33125
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 21 Sep 2020 21:34:10 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1aa0743-1f714-5afd99c62b211-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
scripts.js
thesource.com/wp-content/plugins/contact-form-7/includes/js/ 		14 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=5.3.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
3951
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 26 Dec 2020 23:26:34 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1aa020b-37c8-5b7665f2942a0-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
morph.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		5 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/morph.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
caecb1bf35e6ff8a91bf2e2a4837660e00c399d0d8692466a371373e54b90f75
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
728
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d6-1506-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
search.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		2 KB
881 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/search.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
fa48f7a91f25c7a1888f23288d2d8eec1b8c8e3bb92333b8a10b565b207c2375
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
456
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d5-873-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
retina.min.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/retina.min.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
081ac47ebc414943049836ff8e1b06aceb20c1c27419aa8807f55f88e8dfa29b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
764
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d4-5ec-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.scrollbar.min.js
thesource.com/wp-content/plugins/morph-by-bonfire/js/ 		12 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/morph-by-bonfire/js/jquery.scrollbar.min.js?ver=1
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
cf2495ac055ca7ea80df330c2c0ea6d62babff156be8ff1645fcc2e2fa310c63
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4089
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 17 Jan 2021 05:06:39 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"24600d1-2ff3-5b911920d1fef-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
twitter-widgets.js
thesource.com/wp-content/plugins/easy-twitter-feed-widget/js/ 		486 B
740 B 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/easy-twitter-feed-widget/js/twitter-widgets.js?ver=1.0
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
d4a629c0feed21954dc06ea0116241bc40b7148d3cfc8ea9e6840b087773a132
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
315
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 18 Nov 2019 22:08:20 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1900392-1e6-597a62f75ef0c-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
jquery.ext.js
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/ 		78 KB
26 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/jquery.ext.js?ver=5.1.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
6ce3e020c5780b72d4a2aedd976cb668228ce2bb789c46dd46b19034f5504138
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
26056
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e4083a-137b4-5a70e0d827a63-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
cb-scripts.min.js
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/ 		17 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/js/cb-scripts.min.js?ver=5.1.2
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
6c9cac9b30dca2e7eeb9e9690b1bf8fb56416ac5e03f7a85f47d99c4a31df50c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
5051
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 01 Jun 2020 23:21:21 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e40837-4280-5a70e0d827a63-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wp-embed.min.js
thesource.com/wp-includes/js/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/js/wp-embed.min.js?ver=5.6.7
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
765
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Feb 2021 02:49:11 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425c6a-592-5ba79bf963d39-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalSDK.js
cdn.onesignal.com/sdks/ 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.7
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
962
etag
W/"a393ad4e03deeab316f7121a80708ce6"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6dd4202a78b00702-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 17 Feb 2022 06:09:05 GMT
slick.min.js
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/js/ 		42 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/js/slick.min.js?ver=2.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
MISS
content-length
10442
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2881593-a76f-5bb3445c8dcee-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wppsac-public.js
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/js/ 		9 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/js/wppsac-public.js?ver=2.6
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
9f9adf40b90518185af5c536daeb039f575aef8f3bd5ef42c020c418ba799b9b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
MISS
content-length
1467
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"2881594-2268-5bb3445c8dcee-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
pubads_impl_2022020801.js
securepubads.g.doubleclick.net/gpt/ 		357 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
sffe /
Resource Hash
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 22:05:44 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
29001
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122244
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 09:34:27 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Feb 2023 22:05:44 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		226 B
768 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=thesource.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
b8fa704c9d8d1e82281e6c3f47abc8dcd07ca83532063e53ea765a98c07f7b46
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
132
x-xss-protection
0
expires
Mon, 14 Feb 2022 06:09:05 GMT
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-63798235-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
253
date
Mon, 14 Feb 2022 06:04:52 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Mon, 14 Feb 2022 08:04:52 GMT
wp-emoji-release.min.js
thesource.com/wp-includes/js/ 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-includes/js/wp-emoji-release.min.js?ver=5.6.7
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4662
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Thu, 04 Feb 2021 02:49:11 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1425d67-3795-5ba79bf963d39-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/x-javascript
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
/
thesource.com/ 		64 KB
64 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
MISS
x-xss-protection
1; mode=block
pragma
no-cache
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding,User-Agent
content-type
text/html; charset=UTF-8
cache-control
no-store, no-cache, must-revalidate
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
link
<https://thesource.com/wp-json/>; rel="https://api.w.org/"
expires
Thu, 19 Nov 1981 08:52:00 GMT
beacon.js
sb.scorecardresearch.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 06:20:14 GMT
content-encoding
gzip
etag
W/"1827f116c73f319409b97f10b8a58ade"
last-modified
Fri, 26 Feb 2021 14:35:05 GMT
server
AmazonS3
age
85732
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
dwzLjQqYS8E7vUn5EK_WWFeCcv9XLX2pAT6cqOpk_KE6LJ0ZHaD01g==
gtm.js
www.googletagmanager.com/ 		93 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-NTN2Q9
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0070d23638eb00570923a04b59fe945590c9253df94f92100770e3bf83a20bcb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
br
server
Google Tag Manager
access-control-allow-headers
Cache-Control
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
strict-transport-security
max-age=31536000; includeSubDomains
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37201
x-xss-protection
0
expires
Mon, 14 Feb 2022 06:09:05 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
etag
"yoD6mq4JTyPdtDBolW+GUg=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
expires
Mon, 21 Feb 2022 06:09:05 GMT
source-logo_no-tag-NEW-CLASSIC.png
thesource.com/wp-content/uploads/2021/04/ 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/04/source-logo_no-tag-NEW-CLASSIC.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
5164bd05af39d3bfd75b96ecd577ea9e30ffd45f4249765dced7de4363559e3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
14879
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Mon, 12 Apr 2021 16:28:16 GMT
server
nginx
etag
"19035ea-3a1f-5bfc90033011b"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
246062
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:48:03 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto%3A400%2C500&ver=1.0.0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 14:02:00 GMT
x-content-type-options
nosniff
age
490025
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15920
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:21 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 14:02:00 GMT
qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
fonts.gstatic.com/s/karla/v21/ 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/karla/v21/qkB9XvYC6trAT55ZBi1ueQVIjQTD-JrIH2G7nytkHRyQ8p4wUje6bg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic%7CKarla%3A400%2C700%2C400italic&subset=greek%2Cgreek-ext&ver=5.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ff9ebdf44291f699348fd4dd9b9fbaacdd36186231f34ae0f71c888facdb3261
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 15:30:39 GMT
x-content-type-options
nosniff
age
484706
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21060
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:29:45 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 08 Feb 2023 15:30:39 GMT
fontawesome-webfont.woff2
thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/css/font-awesome.min.css?ver=4.3.0
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://thesource.com/wp-content/themes/blankslate%20-%20Copy%20-%20Copy/library/css/fontawesome/css/font-awesome.min.css?ver=4.3.0
Origin
https://thesource.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
56777
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
server
nginx
x-frame-options
SAMEORIGIN
etag
"1e407f7-ddcc-5a70e0d826ac2-gzip"
vary
Accept-Encoding,User-Agent
content-type
application/font-woff2
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
fonts.gstatic.com/s/oswald/v41/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/oswald/v41/TK3IWkUHHAIjg75cFRf3bXL8LICs1_Fv40pKlN4NNSeSASz7FmlWHYg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A400%2C700%2C400italic%7CKarla%3A400%2C700%2C400italic&subset=greek%2Cgreek-ext&ver=5.1.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 05:49:27 GMT
x-content-type-options
nosniff
age
433178
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
24080
x-xss-protection
0
last-modified
Thu, 03 Feb 2022 00:40:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 05:49:27 GMT
NickiMinaj-Bussin-e1644733277568-360x240.jpg
thesource.com/wp-content/uploads/2022/02/ 		22 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2022/02/NickiMinaj-Bussin-e1644733277568-360x240.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
9ed334c1984e9b1e5a95b17b1aa918734f6af99c7c7716287641817c4a0e9c85
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
22851
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sun, 13 Feb 2022 06:21:18 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1780c37-5943-5d7e04ec91ae9"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
OneSignalPageSDKES6.js
cdn.onesignal.com/sdks/ 		283 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalSDK.js?ver=5.6.7
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
491
etag
W/"0e269028feac530d16f00d8dad8ece74"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=259200
cf-ray
6dd4202b2c6571a4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 17 Feb 2022 06:09:05 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=34210833&ns__t=1644818947475&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Ft...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=34210833&ns__t=1644818947475&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2F...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=34210833&ns__t=1644818947475&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Fthesource.com%2F&c9=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
108.157.4.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-157-4-121.dus51.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
etag
W/"0-2jmj7l5rSw0yVb/vlWAYkK/YBwk"
x-amz-cf-id
pcxVvR85Ggm58xPiqMhSDwjZwVxTD6GcDqGbYVNLDc3jPKq5cnebmQ==
x-cache
Miss from cloudfront

Redirect headers

date
Mon, 14 Feb 2022 06:09:05 GMT
via
1.1 6d98bef126a4247ea75e1c5621ccd3fc.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P2
vary
Accept
x-cache
Miss from cloudfront
content-type
text/plain; charset=utf-8
location
https://sb.scorecardresearch.com/b2?c1=2&c2=34210833&ns__t=1644818947475&ns_c=UTF-8&cv=3.5&c8=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&c7=https%3A%2F%2Fthesource.com%2F&c9=
content-length
239
x-amz-cf-id
tsRlY9XYZO6U0-9C98C1OL6b1MIMW1CFvF6_t-NcJxfIzlTxwUagJQ==
sdk.js
connect.facebook.net/en_US/ 		285 KB
80 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/sdk.js?hash=7058e638b5b2a3b4fb8d9d959502324c
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/sdk.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
e891b7f4abf4516b922c51c77718d74ad9c70c250b9202f57eac93f931ee7b4a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY

Request headers

Referer
https://thesource.com/
Origin
https://thesource.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
content-md5
dFk/5Ssh4nobjClnyS2Nlw==
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
expires
Tue, 14 Feb 2023 05:02:49 GMT
alt-svc
h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length
82094
x-fb-rlafr
0
x-fb-debug
BhZr23bQoHMfBzEQY0q0mg/GW+GVMGRyOuVRF4826u4dfVXj2/QNZw73p7Hd/rJbKZqh4mZB1jwnVmnLsl3lDw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-content-md5
63af6e24f9716ae9f3ba06233c3d27cf
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Feb 2022 06:09:05 GMT
x-frame-options
DENY
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public,max-age=31536000,stale-while-revalidate=3600,immutable
etag
"7cb9d7f44dbcf8628aa73cc0a2e9843b"
timing-allow-origin
*
priority
u=3,i
access-control-expose-headers
X-FB-Content-MD5
widgets.js
platform.twitter.com/ 		96 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets.js
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/plugins/easy-twitter-feed-widget/js/twitter-widgets.js?ver=1.0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/6793) /
Resource Hash
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:05 GMT
Content-Encoding
gzip
Age
258
X-Cache
HIT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=VZ",edge;dur=1
Content-Length
29179
x-tw-cdn
VZ
Last-Modified
Tue, 01 Feb 2022 20:03:56 GMT
Server
ECS (frb/6793)
Etag
"94840c3a0697481258cd2b28513e7509+gzip"
Vary
Accept-Encoding
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1800
ajax-loader.gif
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ajax-loader.gif
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/slick.css?ver=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
4178
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"288158f-1052-5bb3445c8dcee"
vary
Accept-Encoding
content-type
image/gif
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrow-left.png
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		441 B
828 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/arrow-left.png
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
144dfc7f3c8315d272c4dc03429633b1b6766e898302f6ff059e7df0cf8c9021
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
441
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"288158a-1b9-5bb3445c8dcee"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
arrow-right.png
thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/ 		433 B
820 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/arrow-right.png
Requested by
Host: thesource.com
URL: https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
cab8a95ca8e2bf48b0f4e16f3b1298fbb408d416e575b6bb0b766a48d6ec7e45
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/wp-content/plugins/wp-responsive-recent-post-slider/assets/css/recent-post-style.css?ver=2.6
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
433
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Sat, 13 Feb 2021 09:21:07 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"288158c-1b1-5bb3445c8dcee"
vary
Accept-Encoding
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
classic-081711.css
cdn-images.mailchimp.com/embedcode/ 		3 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cdn-images.mailchimp.com/embedcode/classic-081711.css
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.66.247.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-247-90.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
b6f4e220da1d394544fa342b883483af7f0294f92a7c988f6606ae78775d6aba

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
null
Content-Encoding
gzip
ETag
W/"d813facc50cef75301d8b012379bb198"
Age
29051
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Thu, 18 Aug 2011 14:29:34 GMT
Server
AmazonS3
Date
Sun, 13 Feb 2022 22:05:05 GMT
Vary
Accept-Encoding
Content-Type
text/css
Via
1.1 8e487d5d50ba943ec340041b0945bbf4.cloudfront.net (CloudFront)
x-amz-meta-s3fox-filesize
3553
x-amz-meta-s3fox-modifiedtime
1313677757000
X-Amz-Cf-Pop
DUS51-P1
X-Amz-Cf-Id
1ctXUUuEb1O64LG-UmyMC4mSXbrgFwWuGXLCwXUZDARPnZAGM8c5Zw==
linkid.js
www.google-analytics.com/plugins/ua/ 		2 KB
884 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 05:34:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
2093
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
859
x-xss-protection
0
last-modified
Tue, 22 Oct 2019 18:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
expires
Mon, 14 Feb 2022 06:34:12 GMT
rules-p-LZP_7FJpfuC2Z.js
rules.quantcount.com/ 		1 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-LZP_7FJpfuC2Z.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2315:5200:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3954c079cedc82e8ddac1125c3867f78b5ea5df0059c11e3f6834246f3b35b98

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 05:33:11 GMT
content-encoding
gzip
age
2258
x-cache
Hit from cloudfront
cross-origin-resource-policy
cross-origin
access-control-allow-origin
*
last-modified
Fri, 05 Jan 2018 16:04:56 GMT
server
AmazonS3
etag
W/"025943522efe6e2f31c0bf63be082b07"
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 fa544a973edca8926f95609301f23b66.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
DUS51-P2
x-amz-cf-id
KSsYAxjhMD9hcgkStTRip5C7OZrxtRW-2KJ7aIq8W39wKNSST0yX9g==
config
c.amazon-adsystem.com/cdn/prod/ 		0
309 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthesource.com&pubid=52aaa0c8-2bfb-4323-8ca3-0f0fe48aaf4d
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 01:11:58 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server
Server
age
17826
x-cache
Hit from cloudfront
access-control-allow-origin
https://thesource.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
U2auxwH647lgAPZ1O0MtIS_6yznX6we9Khq3vXB29aTcveMzZNr27g==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
11915
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Mon, 14 Feb 2022 03:24:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
yaEdX0HIUlLJdT5CrHcdFy_vdBqgA8i5EqVE5R0F05CdiGsLSMaLtw==
Kendrick-Lamar-Damkn-press-photo-web-1000-750x400.jpg
thesource.com/wp-content/uploads/2020/06/ 		73 KB
74 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2020/06/Kendrick-Lamar-Damkn-press-photo-web-1000-750x400.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
991192945d3d0bb80f4b2bcd7e31b953e9ab3b5dc7bcea29c725676f9d8a3523
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
75056
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Wed, 17 Jun 2020 13:52:29 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"19a0dac-12530-5a847f883c169"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
lil-keke-lgnd-360x240.png
thesource.com/wp-content/uploads/2022/02/ 		68 KB
69 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2022/02/lil-keke-lgnd-360x240.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
58ebf469809e5cfcec387199eb78dc85d30fcd36295a484caa6bfa8ec02abafa
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
70002
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 11 Feb 2022 07:33:51 GMT
server
nginx
etag
"1781726-11172-5d7b916931114"
x-frame-options
SAMEORIGIN
content-type
image/png
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
DaniLeigh-DaBaby-360x240.jpeg
thesource.com/wp-content/uploads/2021/11/ 		21 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/11/DaniLeigh-DaBaby-360x240.jpeg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
484d0f26671268fef60d499dfe654df5d5b53f8957334410df6fddcc3c043b63
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
21734
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Tue, 16 Nov 2021 10:04:41 GMT
server
nginx
etag
"19e157c-54e6-5d0e50dcd5522"
x-frame-options
SAMEORIGIN
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
NBA-YoungBoy-5-750x400.jpg
thesource.com/wp-content/uploads/2021/03/ 		37 KB
37 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://thesource.com/wp-content/uploads/2021/03/NBA-YoungBoy-5-750x400.jpg
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
192.124.249.167 Menifee, United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
cloudproxy10167.sucuri.net
Software
nginx /
Resource Hash
b42942929d2f8e8e1c453467a42e148aec36853a8e604247fbdf0cee43e23f3e
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:05 GMT
x-content-type-options
nosniff
x-sucuri-cache
HIT
content-length
37775
x-xss-protection
1; mode=block
referrer-policy
no-referrer-when-downgrade
last-modified
Fri, 12 Mar 2021 23:29:05 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
"1901447-938f-5bd5f441452b7"
vary
Accept-Encoding
content-type
image/jpeg
cache-control
max-age=315360000
x-sucuri-id
15017
content-security-policy
upgrade-insecure-requests;
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
web
onesignal.com/api/v1/sync/d4d4d594-0c3c-437a-8284-31682a5932cb/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/sync/d4d4d594-0c3c-437a-8284-31682a5932cb/web?callback=__jp0
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b4d22451346129ff0cd4b339b256253bb9cdcf17d7b9eb6da3fb4ae13c5c961c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
age
2092
cf-polished
origSize=3369
status
200 OK
x-envoy-upstream-service-time
22
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
3e05495f-f6d2-4dc0-81b5-9161a45944dd
x-runtime
0.021412
referrer-policy
strict-origin-when-cross-origin
cf-bgj
minify
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"4cd429848d2d4e4083a5962273d50f41"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=3600
cf-ray
6dd4202d1b1a0702-LHR
access-control-allow-headers
SDK-Version
expires
Mon, 14 Feb 2022 07:09:06 GMT
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1870432631&t=pageview&_s=1&dl=https%3A%2F%2Fthesource.com%2F&ul=en-us&de=UTF-8&dt=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGBAAUIhAAAAAC~&jid=453295071&gjid=1555448254&cid=560194516.1644818948&tid=UA-63798235-1&_gid=1977775518.1644818948&_r=1&gtm=2ou290&did=dZGIzZG&gdid=dZGIzZG&z=131743049
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
440 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63798235-1&cid=560194516.1644818948&jid=1419875373&gjid=1080707277&_gid=1977775518.1644818948&_u=aGDAgUIhAAAAAG~&z=1268553662
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 14 Feb 2022 06:09:06 GMT
content-type
text/plain
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&a=1870432631&t=pageview&_s=1&dl=https%3A%2F%2Fthesource.com%2F&ul=en-us&de=UTF-8&dt=The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%2CCulture%20and%20Politics&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUIhAAAAAC~&jid=1419875373&gjid=1080707277&cid=560194516.1644818948&tid=UA-63798235-1&_gid=1977775518.1644818948&gtm=2wg290NTN2Q9&z=1586588097
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Sun, 13 Feb 2022 15:37:56 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
52270
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
widget_iframe.4e067713e19d4fff483536ddc4df18b9.html
platform.twitter.com/widgets/ Frame A427 		319 KB
104 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fthesource.com
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECS (frb/67BD) /
Resource Hash
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

Content-Encoding
gzip
Access-Control-Allow-Methods
GET
Access-Control-Allow-Origin
*
Age
471620
Cache-Control
public, max-age=315360000
Content-Type
text/html; charset=utf-8
Date
Mon, 14 Feb 2022 06:09:06 GMT
Etag
"8321d7cf58d70200c1423dfa0bca40f6+gzip"
Last-Modified
Tue, 01 Feb 2022 20:00:09 GMT
P3P
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server
ECS (frb/67BD)
Server-Timing
"x-cache;desc= HIT,x-tw-cdn;desc=",edge;dur=1
Vary
Accept-Encoding
X-Cache
HIT
x-tw-cdn
VZ
Content-Length
105433
pixel;r=506277904;labels=title.The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%20Culture%20and%20Politics;rf=0;a=p-LZP_7FJpfuC2Z;url=https%3A%2F%2Fthesource.com%2F;uh=e51ed67dfb8d91dc24b...
pixel.quantserve.com/ 		35 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=506277904;labels=title.The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%20Culture%20and%20Politics;rf=0;a=p-LZP_7FJpfuC2Z;url=https%3A%2F%2Fthesource.com%2F;uh=e51ed67dfb8d91dc24b15e2ace0c3bc33bc53c3e1dfb09200d6c2f8387d67ea6;uht=2;fpan=1;fpa=P0-1539203873-1644818947875;pbc=;ns=0;ce=1;qjs=1;qv=b4915a16-20220201183321;cm=;gdpr=0;ref=;d=thesource.com;je=0;sr=1600x1200x24;dst=0;et=1644818947875;tzo=0;ogl=locale.en_US%2Ctype.website%2Ctitle.The%20Source%20-%20The%20Magazine%20of%20Hip%20Hop%20Music%252CCulture%20and%20Politics%2Cdescription.The%20Magazine%20of%20Hip%20Hop%20Music%252CCulture%20and%20Politics%2Curl.https%3A%2F%2Fthesource%252Ecom%2F%2Csite_name.The%20Source
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
collect
stats.g.doubleclick.net/j/ 		4 B
70 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-63798235-1&cid=560194516.1644818948&jid=453295071&gjid=1555448254&_gid=1977775518.1644818948&_u=aGBAAUIgAAAAAC~&z=807491567
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c0c::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Mon, 14 Feb 2022 06:09:06 GMT
content-type
text/plain
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
OneSignalSDKStyles.css
onesignal.com/sdks/ 		82 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/sdks/OneSignalSDKStyles.css?v=2
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
content-encoding
br
cf-cache-status
HIT
server
cloudflare
age
699
etag
W/"4e9aaefffd5f8ae7dc83361aa2294190"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
text/css
cache-control
public, max-age=2592000
cf-ray
6dd4202daf0a71a4-LHR
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Wed, 16 Mar 2022 06:09:06 GMT
icon
onesignal.com/api/v1/apps/d4d4d594-0c3c-437a-8284-31682a5932cb/ 		192 B
580 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://onesignal.com/api/v1/apps/d4d4d594-0c3c-437a-8284-31682a5932cb/icon
Requested by
Host: cdn.onesignal.com
URL: https://cdn.onesignal.com/sdks/OneSignalPageSDKES6.js?v=151513
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700::6812:e134 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d511d4dafdc47fb28b09a8a4ca8a86f589e96ee3cdb2f652bc1863085171765f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
REVALIDATED
status
200 OK
x-envoy-upstream-service-time
16
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection
1; mode=block
x-request-id
706a7d49-5dea-4819-a230-ae212d7d029f
x-runtime
0.007080
referrer-policy
strict-origin-when-cross-origin
server
cloudflare
x-frame-options
SAMEORIGIN
etag
W/"d511d4dafdc47fb28b09a8a4ca8a86f5"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
*
cache-control
max-age=0, private, must-revalidate
cf-ray
6dd4202e4bb788aa-LHR
access-control-allow-headers
SDK-Version
settings
syndication.twitter.com/ Frame A427 		232 B
447 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://syndication.twitter.com/settings?session_id=921016865914db09fd3256491440c9fedea2652b
Requested by
Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.4e067713e19d4fff483536ddc4df18b9.html?origin=https%3A%2F%2Fthesource.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.136 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_f /
Resource Hash
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://platform.twitter.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-response-time
104
date
Mon, 14 Feb 2022 06:09:06 GMT
content-encoding
gzip
last-modified
Mon, 14 Feb 2022 06:09:06 GMT
server
tsa_f
vary
Origin
strict-transport-security
max-age=631138519
content-type
application/json; charset=utf-8
access-control-allow-origin
https://platform.twitter.com
cache-control
must-revalidate, max-age=600
access-control-allow-credentials
true
x-connection-hash
b3ea2512984a4ae8d09400384a4995b9394717c9403323ad2a47185a1a319775
content-length
166
ga-audiences
www.google.com/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63798235-1&cid=560194516.1644818948&jid=1419875373&_u=aGDAgUIhAAAAAG~&z=853951858
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63798235-1&cid=560194516.1644818948&jid=1419875373&_u=aGDAgUIhAAAAAG~&z=853951858
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4003:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.com/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63798235-1&cid=560194516.1644818948&jid=453295071&_u=aGBAAUIgAAAAAC~&z=1920836925
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-63798235-1&cid=560194516.1644818948&jid=453295071&_u=aGBAAUIgAAAAAC~&z=1920836925
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4003:807::2003 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
490 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthesource.com%2F&pid=XzPffZnB05UHr&cb=0&ws=1600x1200&v=7.73.0&t=2000&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Leaderboard_A%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Leaderboard_A%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Leaderboard_B%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Leaderboard_B%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Leaderboard_C%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Leaderboard_C%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Leaderboard_D%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x90%22%2C%22970x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Leaderboard_D%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Sidebar_A%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_A%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Sidebar_B%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_B%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Sidebar_C%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_C%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Sidebar_D%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_D%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Desktop_Sidebar_E%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Desktop_Sidebar_E%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-TheSource_Outstream%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22301775111%2FTheSource_Outstream%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Undertone_BrandReveal%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22301775111%2FUndertone_Test%2FUndertone_BrandReveal%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Undertone_PageGrabber%22%2C%22s%22%3A%5B%221x1%22%5D%2C%22sn%22%3A%22301775111%2FUndertone_Test%2FUndertone_PageGrabber%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Adventive_1000x300%22%2C%22s%22%3A%5B%221x1%22%2C%221000x300%22%2C%221900x195%22%5D%2C%22sn%22%3A%22301775111%2FAdventive_Test%2FAdventive_1000x300%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Adventive_1045x381%22%2C%22s%22%3A%5B%221045x381%22%5D%2C%22sn%22%3A%22301775111%2FAdventive_Test%2FAdventive_1045x381%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-Adventive_1900x196%22%2C%22s%22%3A%5B%221900x196%22%5D%2C%22sn%22%3A%22301775111%2FAdventive_Test%2FAdventive_1900x196%22%7D%5D&pubid=52aaa0c8-2bfb-4323-8ca3-0f0fe48aaf4d&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
server
Server
x-amz-cf-pop
FRA50-C1
x-amz-rid
Y1CWHN2Z09MXY5SF936A
vary
Accept-Encoding,User-Agent
x-cache
Miss from cloudfront
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
strict-transport-security
max-age=47474747; includeSubDomains; preload
timing-allow-origin
*
content-length
23
x-amz-cf-id
i09RmSb57fGsRv6OSj-xZqcHdJoEx_kiZ3CeTx_hSgjVpzE3hJvKqA==
fastlane.json
fastlane.rubiconproject.com/a/api/ 		260 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026936&size_id=2&alt_size_ids=55&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=fe7e3c96-d06c-4ad1-a699-97e46bc9ccef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.2548346554704277
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
01f57e35f82feb2012a0dd69849e33e2192aeecaa224f2736d9c7d1a6c0c180c

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
260
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026950&size_id=2&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=4a061f1a-8f7e-48f3-be48-e55bc0163056&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9894002509836877
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
240e891c8e2d9afa355ef277f6fc195e0a9159a155dc3b525a4539030d1b5be1

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026952&size_id=2&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=428b7ce3-1b42-44f1-9344-810cf8e7716c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4704256970872096
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5a18605d9766a17abff3ddc8e7c39fb13d5ca067b3e5440e0f9e1a6f04e6306e

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		240 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026946&size_id=2&alt_size_ids=55&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=ae70e12d-773f-4797-8410-de40b1d1e63e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.9270834217051089
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
731ce13d2cec8a234de8f4e95fe73f8f9edcf34b3ef258b35480cae1aca81474

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
240
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026938&size_id=15&alt_size_ids=10&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=4569acca-1c98-42fc-8e62-d3a38b0ac83e&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.8157660094707881
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
9af076e8567451cd0e75441e6cb9e23fddd1024c10cb8f29f644e30d57df59ab

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		261 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026940&size_id=15&alt_size_ids=10&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=b9937724-7fef-4cc1-9e06-7af40b3e52d7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.6064376415383625
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
72be863fbd7bdc0bdfdfb6c7be6ae5f37b0140ea9e5191c17e9befe36ca11ea1

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
261
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026942&size_id=15&alt_size_ids=10&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=8e64588d-6623-44dd-a83c-74495ca932ef&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.4020424098799842
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
42d90b9ccf40e6b29d639646d7d63c79878da70f72e5bedebd1d6e830465bcf8

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026944&size_id=15&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=49552a4c-7ca0-4273-b579-4b5483c552c9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.1894091133405913
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
5744ee911cbb29ebfb686ed35dc772f6a7bec892b4489ae57f43d5200109a2ab

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		241 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=18708&site_id=207334&zone_id=1026948&size_id=15&rp_schain=1.0,1!ascendeum.com,asc98064,1,,,&rf=https%3A%2F%2Fthesource.com%2F&tk_flint=pbjs_lite_v5.9.0&x_source.tid=507bdfba-339b-4bad-a781-b6bcb4049029&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&slots=1&rand=0.41773941944403936
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::143 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.16.0 /
Resource Hash
36f19ddda576c29a195ed385e021effdea2018bdd8c45df0f775228aeaaf2e04

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
Server
nginx/1.16.0
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
241
Expires
Wed, 17 Sep 1975 21:32:10 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
af87e921-7ab0-4101-ad19-e85da05e6862
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ 		19 B
707 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:06 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
fcd4b02c-096f-4fc7-ac9f-fbf0bbedf992
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
prebid-request
onetag-sys.com/ 		15 B
360 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/prebid-request
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

strict-transport-security
max-age=15552000
content-encoding
gzip
p3p
CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin
https://thesource.com
cache-control
no-transform, no-cache
access-control-allow-credentials
true
content-type
application/json
access-control-allow-headers
content-type, origin, referer, user-agent
content-length
41
bid
ap.lijit.com/rtb/ 		25 B
519 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.9.0
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.30 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
ff27532996a861435ee16521a2b629badd3c7db893362c245d9abbb77885ef77

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 14 Feb 2022 06:09:06 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://thesource.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap6ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
25
prebid
exchange.postrelease.com/ 		0
391 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://exchange.postrelease.com/prebid?ntv_ptd=1132776,1132786,1132780,1132781,1132782,1132783&ntv_pb_rid=52f28f5433e67d2&ntv_ppc=eyJhZFVuaXRzIjpbeyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9MZWFkZXJib2FyZF9BIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXSxbOTcwLDkwXV19fX0seyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9MZWFkZXJib2FyZF9EIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbNzI4LDkwXSxbOTcwLDkwXV19fX0seyJhZFVuaXRDb2RlIjoiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9TaWRlYmFyX0IiLCJtZWRpYVR5cGVzIjp7ImJhbm5lciI6eyJzaXplcyI6W1szMDAsMjUwXSxbMzAwLDYwMF1dfX19LHsiYWRVbml0Q29kZSI6ImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfU2lkZWJhcl9DIiwibWVkaWFUeXBlcyI6eyJiYW5uZXIiOnsic2l6ZXMiOltbMzAwLDI1MF0sWzMwMCw2MDBdXX19fSx7ImFkVW5pdENvZGUiOiJkaXYtZ3B0LWFkLVRoZVNvdXJjZV9EZXNrdG9wX1NpZGViYXJfRCIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fSx7ImFkVW5pdENvZGUiOiJkaXYtZ3B0LWFkLVRoZVNvdXJjZV9EZXNrdG9wX1NpZGViYXJfRSIsIm1lZGlhVHlwZXMiOnsiYmFubmVyIjp7InNpemVzIjpbWzMwMCwyNTBdXX19fV19&ntv_dbr=eyJkaXYtZ3B0LWFkLVRoZVNvdXJjZV9EZXNrdG9wX0xlYWRlcmJvYXJkX0EiOjAsImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfTGVhZGVyYm9hcmRfRCI6MCwiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9TaWRlYmFyX0IiOjAsImRpdi1ncHQtYWQtVGhlU291cmNlX0Rlc2t0b3BfU2lkZWJhcl9DIjowLCJkaXYtZ3B0LWFkLVRoZVNvdXJjZV9EZXNrdG9wX1NpZGViYXJfRCI6MCwiZGl2LWdwdC1hZC1UaGVTb3VyY2VfRGVza3RvcF9TaWRlYmFyX0UiOjB9&ntv_url=https%3A%2F%2Fthesource.com%2F
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.197.208.127 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-197-208-127.compute-1.amazonaws.com
Software
nginx/1.12.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
content-encoding
gzip
server
nginx/1.12.1
p3p
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
https://thesource.com
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
access-control-allow-credentials
true
content-type
application/json;charset=UTF-8
content-length
20
expires
Mon, 1 Jan 1990 12:00:00 GMT
arj
thesource2-d.openx.net/w/1.0/ 		73 B
377 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://thesource2-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthesource.com%2F&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=fe7e3c96-d06c-4ad1-a699-97e46bc9ccef%2C428b7ce3-1b42-44f1-9344-810cf8e7716c%2C4569acca-1c98-42fc-8e62-d3a38b0ac83e%2C8e64588d-6623-44dd-a83c-74495ca932ef%2C49552a4c-7ca0-4273-b579-4b5483c552c9&nocache=1644818948139&schain=1.0%2C1!ascendeum.com%2Casc98064%2C1%2C%2C%2C&aus=728x90%2C970x90%7C728x90%7C300x250%2C300x600%7C300x250%2C300x600%7C300x250&divids=div-gpt-ad-TheSource_Desktop_Leaderboard_A%2Cdiv-gpt-ad-TheSource_Desktop_Leaderboard_C%2Cdiv-gpt-ad-TheSource_Desktop_Sidebar_A%2Cdiv-gpt-ad-TheSource_Desktop_Sidebar_C%2Cdiv-gpt-ad-TheSource_Desktop_Sidebar_D&aucs=%2C%2C%2C%2C&auid=543961637%2C543961648%2C543961651%2C543961668%2C543961673
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
bb79e0aacc23fbf951de2bf11805ffa1df4fa0f78274c5db77eaaecf5581b475

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
content-encoding
gzip
server
OXGW/17.1.0
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thesource.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
79
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=5.9.0&referrer=https%3A%2F%2Fthesource.com%2F&tmax=3000
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.185.181.98 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-185-181-98.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
x-auction-status
12, 12, 12, 12, 12, 12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_leaderboard_a&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
2e9395a7a7cc4455c60ccd13aee6c071100d78ef09d7b0ab1983ec1c4377d12b

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_leaderboard_c&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
5126b6a8bba0dada6ca4ea7c38470d74716b8b28e8133c1dd6d39d17004e0de5

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_sidebar_a&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
60e0fd4cf5311d98ca31d510e17ee6a58d71d4bd46a7aba9de2e5e8da2423e20

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_sidebar_c&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
975c02c5bc64e306b2dd9427fd27e5dd8133780f0be998b6be97fa07cab60586

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9691ba01777792dbf7939353af0023&pos=thesource_desktop_sidebar_d&cmd=bid&secure=1
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.195.47 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-195-47.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
3647925cfe3a04fa84025ead3a347e5807ba7351a1de7bcc494c55794fd5528b

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
server
ATS/9.1.0.33
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
content-length
62
cygnus
htlb.casalemedia.com/ 		37 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=277002&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%228044fdf2a4422ea%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthesource.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A5%2C%22msi%22%3A5%2C%22mfu%22%3A0%2C%22bu%22%3A9%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A9%2C%22ren%22%3Afalse%2C%22version%22%3A%225.9.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%228108557164cbac4%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277002%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277002%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2282f0082f794115d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277008%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%22838da2b8ebff35c%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277009%22%2C%22sid%22%3A%22728x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2284d4a737521b3c6%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277010%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22277010%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2285019d82b130437%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277003%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22277003%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228641968f2958a0a%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277004%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22277004%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%228733082ee60606d%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277005%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22277005%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2288def8ad58cc6ba%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277006%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%2C%7B%22id%22%3A%2289fee40a2629fea%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22277007%22%2C%22sid%22%3A%22300x250%22%7D%7D%5D%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ascendeum.com%22%2C%22sid%22%3A%22asc98064%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%7D
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
24d924f19d756f94126180f88544ae8286478729897c5e7cae8e9b6041a52f62

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:06 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.39], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://thesource.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
27
expires
Mon, 14 Feb 2022 06:09:06 GMT
c
prebid.a-mo.net/a/ 		0
347 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.38.124 Amsterdam, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesource.com
date
Mon, 14 Feb 2022 06:09:06 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
235
vary
origin, Accept-Encoding
45360640-cfac-4d25-9297-39c0cd53d3c7.png
img.onesignal.com/permanent/ 		7 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.onesignal.com/permanent/45360640-cfac-4d25-9297-39c0cd53d3c7.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:e234 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2e36c6c5a29efb8da343da850a8197df6aeaffebd1f936bd4978616419cbdc4b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:06 GMT
cf-cache-status
HIT
age
2579
x-amz-meta-cache-control
public, maxage=604800
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
6989
x-amz-id-2
GwDsRS7QbfQCJmnonXWZzEoSr39ZNv5rCQrdtiHw03YlUSbIvteTOiwhgRBkTrDdRZgTwTGp2MY=
last-modified
Fri, 15 May 2020 00:14:26 GMT
server
cloudflare
etag
"c0f5bd924b031517bc0e800cafb853f8"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
x-amz-request-id
6A1NAEE09TZXXZ0M
cache-control
public, max-age=2678400
accept-ranges
bytes
cf-ray
6dd420302e860702-LHR
expires
Thu, 17 Mar 2022 06:09:06 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=thesource.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thesource.com
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		368 KB
96 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=664636754395447&correlator=4048896835343628&output=ldjh&eid=44757100%2C31061165&output=ldjh&gdfp_req=1&vrg=2022020801&ptt=17&impl=fifs&sc=1&sfv=1-0-38&ecs=20220214&iu_parts=301775111%2CTheSource_Desktop_Leaderboard_A%2CTheSource_Desktop_Leaderboard_B%2CTheSource_Desktop_Leaderboard_C%2CTheSource_Desktop_Leaderboard_D%2CTheSource_Desktop_Sidebar_A%2CTheSource_Desktop_Sidebar_B%2CTheSource_Desktop_Sidebar_C%2CTheSource_Desktop_Sidebar_D%2CTheSource_Desktop_Sidebar_E%2CTheSource_Outstream%2CUndertone_Test%2CUndertone_BrandReveal%2CUndertone_PageGrabber%2CAdventive_Test%2CAdventive_1000x300%2CAdventive_1045x381%2CAdventive_1900x196&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F5%2C%2F0%2F6%2C%2F0%2F7%2C%2F0%2F8%2C%2F0%2F9%2C%2F0%2F10%2C%2F0%2F11%2F12%2C%2F0%2F11%2F13%2C%2F0%2F14%2F15%2C%2F0%2F14%2F16%2C%2F0%2F14%2F17&prev_iu_szs=728x90%7C970x90%7C970x250%2C728x90%2C728x90%2C728x90%7C970x90%7C970x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%2C300x250%2C1x1%2C1x1%2C1x1%2C1x1%7C1000x300%7C1900x195%2C1045x381%2C1900x196&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=attsafe%3Dfalse%26post_id%3Dfalse%26page_type%3Dhomepage%26floortest%3D2%26sect%3DCUSTOMIZE%26subsect%3DCUSTOMIZE&cookie_enabled=1&bc=31&abxe=1&dt=1644818948786&lmt=1644818948&dlt=1644818946958&idt=788&frm=20&biw=1600&bih=1200&oid=2&adxs=4%2C-9%2C278%2C-9%2C-9%2C-9%2C1283%2C1283%2C1283%2C0%2C-9%2C-9%2C-9%2C-9%2C-9&adys=110%2C-9%2C919%2C-9%2C-9%2C-9%2C240%2C987%2C1047%2C110%2C-9%2C-9%2C-9%2C-9%2C-9&adks=4279775946%2C2081670634%2C440881433%2C298705735%2C3378158676%2C1603219723%2C3365761260%2C335390090%2C1746210956%2C1855928011%2C2101424380%2C1000367340%2C1987441417%2C2742094566%2C493704654&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9%7Ca%7Cb%7Cc%7Cd%7Ce%7Cf&ifi=1&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&dmc=8&url=https%3A%2F%2Fthesource.com%2F&vis=1&scr_x=0&scr_y=0&psz=1592x0%7C0x-1%7C960x8463%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C1600x8703%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=1592x0%7C0x-1%7C960x0%7C0x-1%7C0x-1%7C0x-1%7C300x0%7C300x0%7C300x0%7C1600x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&ga_vid=560194516.1644818948&ga_sid=1644818949&ga_hid=1870432631&ga_fc=true&fws=0%2C2%2C0%2C2%2C2%2C2%2C4%2C4%2C4%2C0%2C2%2C2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0%2C0%2C0%2C300%2C300%2C300%2C0%2C0%2C0%2C0%2C0%2C0&btvi=0%7C-1%7C0%7C-1%7C-1%7C-1%7C0%7C0%7C0%7C0%7C-1%7C-1%7C-1%7C-1%7C-1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&nvt=1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
103b96c4b26d063108697d1be835499e5e2a4b8879ca5312ac9a88b9368d1170
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2,-2,-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
98637
x-xss-protection
0
google-lineitem-id
-1,-1,-2,-2,-1,-2,-1,-1,-1,5726606579,-2,-2,-2,-2,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-1,-1,-2,-2,-1,-2,-1,-1,-1,138353725253,-2,-2,-2,-2,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://thesource.com
access-control-expose-headers
x-google-amp-ad-validated-version
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		13 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2022020801&st=env
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7e4fe942a250f89bb8d803ffe672198c947ea7f6bdac6bcadab71f124e1de089
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
9890
x-xss-protection
0
container.html
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 818E 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
date
Mon, 14 Feb 2022 06:09:07 GMT
expires
Tue, 14 Feb 2023 06:09:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 14 Feb 2022 06:09:07 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 45E7 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 01:29:27 GMT
expires
Tue, 14 Feb 2023 01:29:27 GMT
cache-control
public, max-age=31536000
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
content-type
text/html
age
16780
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 90B5 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
607f20542f68184479a3a085fc2763563782b55fdbaf0edc361b6eb9a43286d6
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-7YmcLYFu576i/6DjK3wZ/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Mon, 14 Feb 2022 06:09:07 GMT
date
Mon, 14 Feb 2022 06:09:07 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-7YmcLYFu576i/6DjK3wZ/A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 90B5 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_2022020801&jk=664636754395447&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js
pagead2.googlesyndication.com/bg/ Frame 45E7 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 07:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
81324
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13483
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 07:33:43 GMT
generate_204
tpc.googlesyndication.com/ Frame 45E7 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?2gyMIA
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:07 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
container.html
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A7F7 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 06:09:07 GMT
expires
Tue, 14 Feb 2023 06:09:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
view
securepubads.g.doubleclick.net/pcs/ Frame A1B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstm1a66A4gzynga9WQv9AxpTyzt9ib0aCN4AYPDpAxrQAWmMZNuq2hPdORhFnBW8A3x8ncPuXnHlk6pD7bBsGNWDykEH3yLkbmQsg2oqXEtfBg3vMktg1i-3M9l7pKsGP5QMRx44rBDpQCI5WvJDd_yzmXD9VcpQpT7uAmVI59BuXR8rfGxrR8N7Ycl-QIhIV3fUe0OAu571lvOs0SSMSmUvFZ-Z6T6ipk_iT9OcCHhkNI5F1pHNRi2iF9rKU9_Q2JsLD_H4x9bN4x0IoccPKCXvtqnNcNHEeNAdubFBAHn24eRYVo8S4tusNs_uRaVT1M&sai=AMfl-YSRAaz2i_26VDi6zjhBQ0bNHlHC6ysXzC0xcbW-OPB1sBRGw6Qwfwjd2R6a7lJz-bNNn72Y9DDtGNXyjpfL-70EbvooduGsYd_IG-4al6JkOpEGgAoxdafj1kUFR4E&sig=Cg0ArKJSzLlmDPOw6fstEAE&uach_m=[UACH]&urlfix=1&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 14 Feb 2022 06:09:08 GMT
liveView.php
live.primis.tech/live/ Frame A1B8 		44 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
3186009784546cd6cf27598aeda3d87708c583a207c64f5e95bf6a6f22a2da1e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A1B8 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 14 Feb 2022 06:09:08 GMT
container.html
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4089 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 06:09:07 GMT
expires
Tue, 14 Feb 2023 06:09:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
amp4ads-v0.mjs
cdn.ampproject.org/rtv/012201141909000/ Frame 59BD 		220 KB
60 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/amp4ads-v0.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
44079
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
61542
x-xss-protection
0
server
sffe
date
Sun, 13 Feb 2022 17:54:29 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"00d9ef7efeb287da"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 13 Feb 2023 17:54:29 GMT
amp-ad-exit-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 59BD 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
62949
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
5698
x-xss-protection
0
server
sffe
date
Sun, 13 Feb 2022 12:39:59 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"919adc590e0ff503"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 13 Feb 2023 12:39:59 GMT
amp-analytics-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 59BD 		96 KB
30 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-analytics-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
100470
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
29570
x-xss-protection
0
server
sffe
date
Sun, 13 Feb 2022 02:14:38 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"c52208c2e07002d5"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Mon, 13 Feb 2023 02:14:38 GMT
amp-fit-text-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 59BD 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-fit-text-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
661
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1851
x-xss-protection
0
server
sffe
date
Mon, 14 Feb 2022 05:58:07 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"76a8c96b6aaec2c9"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Tue, 14 Feb 2023 05:58:07 GMT
amp-form-0.1.mjs
cdn.ampproject.org/rtv/012201141909000/v0/ Frame 59BD 		42 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.ampproject.org/rtv/012201141909000/v0/amp-form-0.1.mjs
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
Security Headers
Name Value
Content-Security-Policy default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

content-security-policy
default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding
br
x-content-type-options
nosniff
age
302270
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13611
x-xss-protection
0
server
sffe
date
Thu, 10 Feb 2022 18:11:18 GMT
strict-transport-security
max-age=31536000; includeSubDomains; preload
report-to
{"group":"amphtml-china-available","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/amphtml-china-available"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
vary
Accept-Encoding
cache-control
public, max-age=31536000
etag
"7aefe3fe93cc7383"
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="amphtml-china-available"
expires
Fri, 10 Feb 2023 18:11:18 GMT
truncated
/ Frame 59BD 		212 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
c894943277b29201d15dcdaf9a54e081575a3f1ed7c5b85dde8f464424da5a17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
11076182216265550272
tpc.googlesyndication.com/simgad/ Frame 59BD 		33 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/11076182216265550272?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qmj01hnuqCQUn1QGMmjggPPawrb-A
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
765649282bb3067226382bec6bf47f87274a9a93cdf808ec802e9ecf8ea3afba
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 23:36:25 GMT
x-content-type-options
nosniff
age
196363
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33834
x-xss-protection
0
last-modified
Fri, 04 Feb 2022 23:17:51 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Sat, 11 Feb 2023 23:36:25 GMT
en.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 59BD 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/en.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 09:41:38 GMT
x-content-type-options
nosniff
server
cafe
age
73650
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
14819457070020093239
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2502
x-xss-protection
0
expires
Mon, 14 Feb 2022 09:41:38 GMT
icon.png
tpc.googlesyndication.com/pagead/images/adchoices/ Frame 59BD 		295 B
319 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/pagead/images/adchoices/icon.png
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 09:53:05 GMT
x-content-type-options
nosniff
server
cafe
age
72963
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
etag
426692510519060060
vary
Accept-Encoding
content-type
image/png
cache-control
public, max-age=86400
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Mon, 14 Feb 2022 09:53:05 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 59BD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=CGIuJA_IJYvmmDYHw3gPdlZLgDKj7_6Zogr703cQPv-EeEAEgqK3kfmCVAqABm4jRnwPIAQKpAsAI0yyNCrM-4AIAqAMByAMIqgTuAU_QJbtpzm-tNh4dO1XPFfc4_NqSNwq8rfbPGPSV_5cjIpQPuLHGrwn-EbMf6VchzCqgxs9xfD8RTE29b9uNZwpUKcIhz96Sk_hkldNuHx0AwkMnbs7D9IMpuV3qWme5YNOglaCu81nym-nkmsnhRQRJApEyq5pqfzF_Y6LAoV7FA7ACt-7GZzv_5QZdVflYUEU_tdtbMnOYadi22xpW5AN5DiFuPOhmH8_KBX3zdbPPpvQLn84gmJM3Y5NFwjCTmL3pX4qITwadVrrvNidKfQl5p1iyre14er5WXP78Zzmwys_GMrdLZSvvttdvlvbABP-Gt8_qA-AEAZIFBAgEGAGSBQQIBRgEoAYCgAfN965gqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQoMED0ggJCIjhgBAQARgdgAoDyAsB2BMM0BUBmBYBgBcBshceChwIABIUcHViLTY4MjA2NjM2MzE4MzMyNDQYt4Ud&sigh=1UuckDoz6QE&uach_m=[UACH]
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
container.html
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 057B 		6 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022020801.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:812::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
timing-allow-origin
*
content-length
3108
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Mon, 14 Feb 2022 06:09:07 GMT
expires
Tue, 14 Feb 2023 06:09:07 GMT
cache-control
public, immutable, max-age=31536000
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
content-type
text/html
age
1
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
m_js_controller_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 4089 		32 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/m_js_controller_fy2021.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a3f737682b5b27b6cf0f535142b8f3720996fa24fdff3083c480939190f2b429
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 03:45:05 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8643
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13081
x-xss-protection
0
server
cafe
etag
8947656050451629698
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 03:45:05 GMT
ext.js
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 4089 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 12:26:12 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
63776
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7022
x-xss-protection
0
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Mon, 13 Feb 2023 12:26:12 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4089 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 14 Feb 2022 06:09:08 GMT
abg_lite_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 4089 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2021.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7e71200520e00ecff81c880fee83dce822fa132e17519edf21238212fca8b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 21:00:43 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
32905
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7798
x-xss-protection
0
server
cafe
etag
13722034009463200147
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Sun, 27 Feb 2022 21:00:43 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 4089 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2021.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 04:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 04:37:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 4089 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1e3f8e415e18e40554991365d26227d2b949fdc6b61cc064ec27967b612fe52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 05:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6369
x-xss-protection
0
server
cafe
etag
8684570328279026363
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 05:55:06 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame 42F6 		624 B
733 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLfCtLsBMAE&v=APEucNWi1WUBiisEXy-FssKMkksYGsLr8LA11xuibKP-O5qHMkqnrWNcbosOU7Tc1BLSGNDmuNnNPcYWUlXoSI3jwGUbtU1V2jbJPdRIyu53Gqw4-uZdBZI_YJ84Qbd_xtlFwF16uIf9LKzuL1MZhbnOMuM6-XpvliYijLAXw6fuZI77PfXcVpE
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 14 Feb 2022 06:09:08 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame A7F7 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2021.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7e71200520e00ecff81c880fee83dce822fa132e17519edf21238212fca8b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 00:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7798
x-xss-protection
0
server
cafe
etag
13722034009463200147
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 00:23:19 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ Frame A7F7 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 00:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 00:23:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A7F7 		0
571 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOfw9yNvsI0lXnzIGMKeOa1Rd-3IYe91hsnB_-twXHzKpEFxwhJsRXakv9WMN8OkXM_HONaCNlqN35FJ6jNrJ6aU0gmqoTO4CtvdeIZGCYnJMzxNKI-h5HAW4c5q_rQ-_fY6MQeY5h8WQRvJp4or3bK-VlWRQGbzcdQB84GZTWELeUAUWazmb1HH0uBvKJtJSbjn7NRFr9OfKayo2aNLwJ5Y0TZkyXWlRaFOb9Hsc-88riDwxc1X02AdiXPF797uIqja47VVX9zs2LcogNyaEwB5oLEK60jnMUuQo1KydJNMDA3sNa7q79ZVdqfnbHSYBGRGbJxDJcZgENfrxDfY_pnOfYe1MefHtvmlT3FpLBjDkKROKX6rWb08aOQl2xf42Wnrpsf40ms7-xm0fb1t__WomdAnqsDBb66uTyoDbax2mlCAe5Zua-6P9aVBFdRevXgFHUm7xwVpQq4WKkeBxlkw41iYRlnPwcy2TO2PYBNrOKL1klgPyziLTBmii73Nw3KfCee2cDxRdXMy35repjBXfXBEdiYjbH1H2FpKHFf0cgFZgUqJHfWrOjDZdhw_W4FQCV3BWMxKdUod1ogwCCKNZjkBVQ4jK4wtycMmxjMkKVbEWjIZlDv78cWfmlceN67y98OOa8yEzHzaW6OnBERzxJ2TviLhpKsU4zGjv4W-OG2wj4eyZ8gx3CE3w8XmlS3itsT0in0GpnHuf6PE3L8tI7Ic1lBTxgS2Zngz8XIoueb2cI6cAt8vf5O_ignWASJJakaslcKX35PpESu2Yfki2hkURVgS2CJatrtYpajSJFnWNRP7meAMsgJY3Rv_bCza-Ygnawxaf5pXbjuJLUVO0VeaYiNlnWxsC2EVt9Z2IJA3diARL8UILdUkJ0B0yiNvD9kj--2Y8FEE7XLyWHgkwDdce4a4SrDZ2L1yhXlmq2-hkZaEdjAH8l7N6gF2a7_3gR8YwudmRVDbagj7Uxp9t8Gmr9_C_aRV-vyZbZzy_qbr97oV1rN4OOSSxSScIqwUxOO1A1H8Y_PDDDmGQ6EyBI7EZQFJRo0kelCUom7h53mctzb3l5-2DX1mP6LMiBY_uE4qUpoR6fs4a2nvcPYmneXPc9J1zwO3uYm2Dt0201&sai=AMfl-YSod8oQ3-r6yKTg_raYa7PdzylqT5MfRlT3-Teu1HhLIsHxFjZ7mPhXzbZLKFsIZMDrsI7GhhlKQvaarRmVbVLwVp1hMhUK4cNCfCjzi2d0REH0sFtAzGfEE_ZRsNoB87p5qD8UCa7MGrkbhtnAipMjI0t6p1wPCthuL7UKsTP2ciaG5aQ08dV7oVQ1n8qQT2nfBOqKHl6OUwT1ixhU2fXcKdYMvViViKbk-T4WiadJ33c0CEZ8mSUZhYYa5uHWIphX7IH1mvXBB_N6khUrC4Nd-wJQdU_entr0Vflp0eGc3CG9KcR-srqpwCowBHz5-SdMbkWFUTAJxC04IfhR1WgXLiGQxL-FgIR5NP3G1MFPpJLYx-IpjYBGVhSUsVl8L_fjMTdURPYJ5t4&sig=Cg0ArKJSzOMEzSrsehIkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=2&cbvp=1&cstd=0&cisv=r20220209.88345&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 14 Feb 2022 06:09:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame A7F7 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 16:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Feb 2023 16:15:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A7F7 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Am31osZBE4w5D837zsC4s-0QNCvqxmUiXJ7eBvGc60oDLRDH4nH2XhZPW3Phn9NQUfm4ON7UFXp5SC-aLnXKdqsgFyxMBmB1TEy15n1aosspItwgg
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame A7F7 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2021.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 04:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 04:37:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame A7F7 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1e3f8e415e18e40554991365d26227d2b949fdc6b61cc064ec27967b612fe52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 05:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6369
x-xss-protection
0
server
cafe
etag
8684570328279026363
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 05:55:06 GMT
l
www.google.com/ads/measurement/ Frame A7F7 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/measurement/l?ebcid=ALh7CaTwAgwGTY0OBAHoj-CYz-ogzR4kYMv8FcFM8Uy0I3gZjfOCmIK6_kNwXow2fniYIBT4YBH14yZml90HqpBQh2vgCkg7Gw
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame A7F7 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 14 Feb 2022 06:09:08 GMT
169788513978662783
s0.2mdn.net/simgad/ Frame A7F7 		121 KB
122 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/169788513978662783
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
fe235d73d7991e345c8aedb8c3aa5cfba926c0d4c56b95c960e8c0f7d34113ae
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 19:00:48 GMT
x-content-type-options
nosniff
age
472100
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
124126
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 11:55:40 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 19:00:48 GMT
pixel
googleads.g.doubleclick.net/xbbe/ Frame E881 		624 B
340 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGITLtLsBMAE&v=APEucNXCPco2aaaJl9_K6Ai5zoFE7m9BlVx9MmtrpWRtudd9nyOLXrv5yn4eMM9_DKo_v55hFQ-emN8kpMfEJwVZ8_eMbL1rdAuMd5WDEs7CxC8s3q1gD7HA_q6wyuLFZEIoMwSNmApEIufrugoWbVUh4zg-kkb3sDjBP-31XXC9XdiMWPKQf5g
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Mon, 14 Feb 2022 06:09:08 GMT
server
cafe
cache-control
private
content-length
276
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
abg_lite_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/ Frame 057B 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/abg_lite_fy2021.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d7e71200520e00ecff81c880fee83dce822fa132e17519edf21238212fca8b02
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 00:23:19 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20749
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7798
x-xss-protection
0
server
cafe
etag
13722034009463200147
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 00:23:19 GMT
omrhp_fy2021.js
pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/ Frame 057B 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/r20220209/r20110914/elements/html/omrhp_fy2021.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 00:23:42 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
20726
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2628
x-xss-protection
0
server
cafe
etag
1103433747108554897
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 00:23:42 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame 057B 		0
61 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4f07lkBaw0YE5IVL1TkS4sdvkevw4cn7DUBltG-bNjpzjwFkw-KqzSKDI_HLnEPm1imkDD1kF4MJEW2KAuZDpoilg3IK_K4ZuilNk22kiFeZgpqzq2NW1I2sw43NwSyhzk5lFEMs-xuxql1Ie9CBYW3o5F3_Nw68cFXuu69rO95q-YT9uZezp19vRgWqn5jErU8FKGr6B48Y6-gcr6ndNSTZVJlLg8oyjTfoEB2YJ_CvyAULO3X2GLyaQ667YWpN2W45yc3Zrk4EkUwUPRp-JBm6D6KEXjpn18-wSC2xJV4McOyJj6cpQ78xbaJLSqFpgQXFjQlIJcJzDcyV3dhP12VXwkyeAdvoAPivFPY97gXieJ6tbGCknCIf4q_bz5sR5mkUGtZwgcZRpGgLKiuUKCUcGHS9eyLZNwkApc8ZyFicEq9KEqqKObrPkXAX_TyGlOv4guC8EzGLEvPkKTWbDMOPfSmKZgLgwiOdMC8kRt7fvXNdvg0D5Hpw88JyLQMZFdjzGBqi3YFWBf1AUdnli8d5iEpcZ00PVM5nZ0rqxIZu8fE8o52VFme9GeSoG0hUMHaGtgGjdBZSd0XvCcNh9S-ZJSpdQ9NH-Vh9betSDRhWGpyQeVM7cIz07PTNVJvucEH-E8s4HfbSTfNaUbPho2Pmht4kc5fwNgLKfTuuMgu8W-Q5jXRLRyfOy4pxKV3QrKom_NR1ShbUz3YU7SdqvZAz7wR0Mo77Ngo_GtM-KGkLI69KNtj2HYyP2DK38kL13Y13voxmCILvcSYR2_gn6dzWaR7VQERWWFKhmkjjCHJmfwdfg_2kxiK2JxOws5I7_D_eQRZayCQi-Ee3R48QwxPUIh4nCEpk-e32aXYJVlfr6admbukEGQJn7434wbUJJao6mOCvJWwWDE1_8DFIJbLjzmFkQVNETtxocpZutr1zSErwaT2hknURdIwxhJaPbk5y8ubll4ExS4qtx17VaNmxUKaukGqTR9tEBAp1mioSYKnYXOtXfRPcayW3jaw07l6kCITaq69-4mGCnnmz3jrUdeStwII7uiDDOfd8nToexGB3kfEcSi291GfCbnuoKzMmkNaKjV96QEJzGYAhfc3l58fOiQ_LI_TdCW8it8u9pzRwCUmRFz3jlMPfO-mGiqaYQLGWZ1iiO0aof8onRwlGiOGd2BO3boQ&sai=AMfl-YQWCUVk83FTdB4tddnGRbubJqF19v_ZPBGWgqEwrjtte32NZL50WzTEsbXzq-WHhm8EQMoYEJsHU50AzMUfrO85CrXSwzKvytiFq4SAJZDIJiZnlYVxnI1d8nVBenCr8CysrBKU86j7tFrN0UhlBgnSdV3eJIhQ0KM3vpHrqbEI-uVbOqrLwaGxIyy0tOCqUBI6skwnOJ-D69vYnl84SxjRMTxeLxgeR5CxlavX3VzmfAObz4Qfm0Ho4gRW3CnoJoPKXtjwUHrATOUPX6-uEbPpR2UpAsENuwvJIQoVh6Nj9DUUTvg4GApNemBGu_cX7bCchHbGQsoBC4DdwDW8p7Y1vLOpHPHCFpj2kWNUxbTv4QWfA10WadWiNeID_34jks9yCEF76dVfNMo&sig=Cg0ArKJSzP77rxiEHv0BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20220209.84099&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date
Mon, 14 Feb 2022 06:09:08 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
UFYwWwmt.js
tpc.googlesyndication.com/sodar/ Frame 057B 		41 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 16:15:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
49998
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15207
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Mon, 13 Feb 2023 16:15:50 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame 057B 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-AWDCO3n6so_1pXaU5B-RxOMWr7DfOMY4a9O9olQZObA4GjF74noNXbgtLW8C1E5kJxMnwLa41v2GH2VUUrPxwvJF1VxfhdQK55pXLOG34n-MH1DOI
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
window_focus_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 057B 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/window_focus_fy2021.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 04:37:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5472
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1205
x-xss-protection
0
server
cafe
etag
18074202747124231361
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 04:37:56 GMT
qs_click_protection_fy2021.js
tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/ Frame 057B 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20220209/r20110914/client/qs_click_protection_fy2021.js
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d1e3f8e415e18e40554991365d26227d2b949fdc6b61cc064ec27967b612fe52
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 05:55:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
842
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6369
x-xss-protection
0
server
cafe
etag
8684570328279026363
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Mon, 28 Feb 2022 05:55:06 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 057B 		124 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
38562
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1644410386637351"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Mon, 14 Feb 2022 06:09:08 GMT
4142749069039069167
s0.2mdn.net/simgad/ Frame 057B 		55 KB
56 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/4142749069039069167
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cef7ad69c55d6b662d173b158a575cd9c5fd487c485753439f3712a4b35f7731
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Thu, 10 Feb 2022 19:08:26 GMT
x-content-type-options
nosniff
age
298842
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
56824
x-xss-protection
0
last-modified
Thu, 18 Nov 2021 12:02:51 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Fri, 10 Feb 2023 19:08:26 GMT
12521669847370569197
s0.2mdn.net/simgad/ Frame 4089 		1009 KB
1010 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/12521669847370569197
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c843d1014342ef08bbd38f0be07df3aed370e06506f72c4f257261e3c0d35a8e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 23:00:15 GMT
x-content-type-options
nosniff
age
457733
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1033313
x-xss-protection
0
last-modified
Mon, 03 Jan 2022 10:58:35 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 23:00:15 GMT
13687412487448621497
s0.2mdn.net/simgad/ Frame 4089 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s0.2mdn.net/simgad/13687412487448621497
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
8bba198b6c1f37f5ee1697ee11aa537a51193955a0f053dda0513fc2613c7e78
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Tue, 08 Feb 2022 14:15:59 GMT
x-content-type-options
nosniff
age
489189
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20021
x-xss-protection
0
last-modified
Sun, 14 Nov 2021 15:45:57 GMT
server
sffe
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Wed, 08 Feb 2023 14:15:59 GMT
ad
googleads.g.doubleclick.net/dbm/ Frame 4089 		42 B
173 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BtU65MZq8m3foqiaiKlyNqLSxhAKSyQ8jw_2Kp60I-frFGCaYQ4I0ExP077tPq3EIbO_qDm3RgJ7Dl9a1_0lqf-2WbSxce0vbPBaj41E3M0dW-BdZULoG5LEu18jzI0hPQsH_kVWGiA7Xt6SUWT_gXc9oLmA&dbm_d=AKAmf-CN3PQtOFH8oLhrMNWJTZnwrGS6kJV5OmLkBGrLP9VpXJzfpHkN8UGCFtgDpjs9V5LsTP_uBCn665BQiTrPEeJNH_cmAhhrFp2KeWoh1a7TppNKThnVfn100NGDTCwAgoTQoDIxOmVthg9NSonhwn49ucSJDjvOM3q2qgEsKYfcu5GDg3O1IqVuPnVeiDVGRe5agStMn7Sta7dw2EfoSPDEJfPAe7XuOHHcLoFtwJWaQqY7sen3Ya6XD16_m0u5I2vyBdIeGCjoZBpzdFctylALVw5ee0kk3x1RSRVfZwNx7lIouoXS200O6why0SK0-0YpUtQVGX_Vfidh7xsW6Jxrnpjk2bPGYK2aPhmcHQIBe-oZtZqY19g94a-Rg-tgK3ucS8ypjndEMkeeIZAZzZW0fne7Fdt4Fsu4bOBpynJokxDP8mYD-QSn_9IkM57lnAy1ccXs4EXkx0E919KjfY6id22qOmLWIqkO0HiAsgQHwm8vOO-X6mPtntNaS-l9jdl_GEz2L_M7vHgfBI7DbCkoMyIZeJCCqhPN4Fihsgb8SpDJBbjKwZlvlJerxFdOfF8My8UMNO08I8KmwkBXFkcviDdCm2dZg04FrZ5wgbmOEknBkQCkFFJ7gHXCqk2-sgP1KOd5mtW-XqirWoe_aLhvZOfTMiEjvCFZyMzG9H8vQkUB85neHXYFjNBj7V6FQlhB_o3ZQ_08bF9W55UzXZfTgKEIIn_cWJ91KQAaOSUB3LXRUg0wYJC2iruRKMPhkJiQ1Hauwxp_1bXiDuuJL5DCfo9YE9YVWu1LUE1Ko6RaRYs8a7XWKgPFRvr_Da0OPPQ_uLuAu0bo_KpVBUR0iiM1d2sKuU3k4r1M_A_NWxA7rjDbMgXpIzN1eRqnsNKMzAsF1KfZIDjr8Fpp011CKY5NN0uQAoJf5FcIZJeIOn94Lad3T1Ll0XUcJ41_CbbB16Rsl1oxW_5EMC9XQ1RK6Y8_N62D0MDN03DY9yDDAAcPfsuz5cMf1PoQKSmKAqPC242ZeSudkfynBciQjvciO-xvjhU_nNihyQ1kaUTpwhILePy3Hk_bXc8r3kfosQf6Wgk2oaVpb_xTsaPtBe5LGfOQQNVI5Zks2ye0u5X99Milszc5ySxrEndoSpjOmaM4GYijmNEDRO10cmzo9_ao2Jc0UEmdlhGN1umhC8FZXycUJk118T0uON5NCTsHjzQ_tySlCyCW1LoL6DusIYlSnpYjYHFm4GBRRkWfDarZ6aMA8pCin1L_ci12GX_LeK91DoELuhdj-VXmjUn5_vXpcjbUW_BY1yb7c0W0upjiezWkYwyUoIDGl6r39XsDD9mv5_63VZKYOtIh3cO2BTZqK_ygx-zNnR_15YXWQQQVTzYJS5UGjNxjkveaXkcemyg5QGBCcdW5km57Vz3zVeDberwydI-0J1fZIjT2sehPdMDgA_Q0dlTtU-Ko4P9CPpwMOkCxxqDGuK4WTnG6kXKWEemRRMNw8mgUpIohWs0PeNdKIPkXsvMgXhERXy8O_-0ciWVSC6-L8zuCS0vn71wIYm5JO8iDPpXcBg9nO-9BBdBP0dgDEz2BwNxI0cr-Q7YkLle3ogxo4CVEWhkXl0IgdoucsElLGvKKcGBCTL8NrPZRM6NytqgMQuVPjM8WDqebg2wWGYA52EMSxPkFUMW3ODSMqp5fijCXcKRIJppLDbisFfSBscdc84zPF3wRa82BD_s96QxuzQkyUQLvcfrJVhsLyVdPwf70N6Akdbu3OY8IGMo3h3M9zix6PYS_Coj-mxw0r7ByYo_UG_rkVnJb-1web4dTWzUwZDdss7vNFLMgpVPo4HPd9zbkfAoxc4IBwEHbecSo7NGj6QnAm1zNrIYJ8CgyjtjmjwQxxKW9MY79Uq-7Uf4kXSY-yKkXsMUfi9QvK-jERtm4BJbgIHPXhe5jjI7e9idZLbMY8BGuQmUbeMkrepi6Inf_ZJaJBtLFcbYmmOOQk57V6d46Q1b8PtwaLU9veY4vDDaYZzDbtZX4GGnM7nmulHSz9LCbyo3ExoHN3-MC8xdJ3EaMQ1AqwHpDempF78WT3b_FTt2QAnXxNKJBw78mSdtVi86ZUy2u4qdkH03ZnULe9AohCORUezITsXeWdFhb6Wcyn42doGDZEpmC9Ac6WunX0Fb9aa6mjveZHfFbBZHk3bHdaT1PLs7poRCn4e2klq9CL29z5BLDzGm9asmuna1QOhKPeLIUhWMOpdHmSReCvLrkCy74A2RJKASz3sxpzh8TDQbFdnHI7ozKiN2Dmlu9iw8U8vzrB3UGF2NfTACDu604rrIlG9YQoOgXkkt7suu34Q-x3t9hp37Adr2wTpel2FHFqSTtnmNTlEAxy0UgxQFGpv4sDMIto6tLH3g8LEjaACEyeCMXfqMMUktsz5f8g3fCQg4czzZgnd282oZuk-T10QjJSw4jlsFEX5Z3ZkCPWtWzvBEftxhbYCDWVnykIesBd1GRuDqVim5aJTOYIRibJ9sL5pp5scKVTT3J1iiHlXDkfL3iRbEJsrSEpQSJfuPa0QHwS05sdfvVuJwu_PIJRDZKENe0fAjmAkF20fm1SzXq2ju5rNlI8s2QQZysOws24Z0CWCCesqKYFupk6GpYyejLQlJIAD_486sJx2SzaPhoj5WDOmZqTVKJmT4ZwexSzGbdHjgGwb1Rw0aTd-Fr2D_9CVt3mwpprwpOnN9QqgYxu98BUXmVNjslBkWMZ-01j_HBv8tN0Tsl4sEEn1aKGkPFKdFaosJ2A6qZwqc4pVidMGxoC6trKDRwvGRJ9f9dlKUGA6nntOs1MUQty1GlrEih38bY9hdgbrdFL6ayIYtRUsCifsnMzjdpbd-ZVIfO14EltkDw_NToAHrBfwQxjnUWNwMuwqrRsWLYXh9DXwErYORfBmZygVcFbkHTw3HKM1vmoOyBp1knE8TqWyYvAGXa9jy8PVVnMCEKm6jvPoqTpQgj1v8wSJ-83HJV52uJlDzwYyfuOCrhWeLCDL7q3j9_p3J6zHHnHiUCS2moFQRjpe-HPGIRzMw&cid=CAASFeRokQzOPCLw58tRHzxtDclOPrB3QA
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
adview
securepubads.g.doubleclick.net/pagead/ Frame 4089 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/adview?ai=C7naLA_IJYseoDYHw3gPdlZLgDPqXj7Vo_pP3vv8O4tPH9LgiEAEggo_FaGCVAqAB0dDQyQLIAQapAsAI0yyNCrM-qAMBqgTiAU_Qa-Kp_MkYOJbFWXqm8Ull0h_o5Ah05TjzoxrPD763QLKtjiESS4klrKS6SxYhPos9xAsMs-QMMcKwfGC2p775nQC5KTe07hnKOciQ-30IDQOANVO88RxCEH_6FXXCLH_yP8qi0MbcE6DrV7tDhrYTiuQSDinNkh0ov6mRyDeQA0avnPDCp5UIuWuaYusQMfuRv-TeaFbJ_wFgiTh9HxHKONPwuk8JyIU35Y2AFqO-oN1OihZGKz7AK1EBpWA2xSryR6rVDKP0BjZfYPO_ZT8ClXxSVaZSSOaORFOfAR91AFDABI24jZGUA-AEA4gFx_LrviqSBQYIAxAFGAGSBQYIGxABGAGSBQYIHRAEGAGSBQYIHRABGAGSBQYIHhABGAGQBgGgBjeAB5evr7YBqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwoQ76wIGOHuyb4B0ggJCIjhgBAQARgd8ggbYWR4LXN1YnN5bi05OTQ5MTQzNDM4NDcwMzE3gAoDyAsBsBOrl44OyBOn7roI0BMA2BMNiBQD2BQB0BUBgBcBshceChwIABIUcHViLTMwOTkzNTkxNjIzMTc1ODIYt4Ud&sigh=eVtsaLb1PiE&uach_m=[UACH]&cid=CAQSPgCNIrLMdq3pSwkXjhQeEtRjaXRJ3dJa4_VClSOp5vHsN1KwI8bkerdMyQfd6H0BsHDR6xebQmGmK938SFL4&template_id=509&vt=10
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
truncated
/ Frame A7F7 		215 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
463dfcfa896f16bbe702809343f9c0b1cc8993b48f368494be91d69f7c52c80d

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
truncated
/ Frame 057B 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e32e769b59e7b5613d27c1293f0a3087efe32c6680d680ec5c81a4e848afb649

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
liveView.php
live.primis.tech/live/ Frame A1B8 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778&cbuster=1644818948&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
3ed28b461a192fed06384f12e43072e94d5d8faf3b13a357907aefa7ea1b99c8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/javascript; charset=utf-8
truncated
/ Frame A1B8 		218 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
dd15519fdcf63b8cb21e1cfbb2846f899ff0e93dbe2f2f518ba0ee0967b669dd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
s
googleads.g.doubleclick.net/pagead/drt/ Frame 97D9 		143 B
222 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/

Response headers

x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
145
x-xss-protection
0
date
Mon, 14 Feb 2022 06:04:52 GMT
cache-control
public, max-age=3600
content-type
text/html; charset=UTF-8
age
256
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 4089 		221 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
ff069c1862f9ea1288453b3685950a74e9250861ecc7b8829b72a6a8e94350e6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Content-Type
image/png
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame 7FAB 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Feb 2022 16:17:00 GMT
expires
Mon, 13 Feb 2023 16:17:00 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
49928
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Enqz_20U.html
tpc.googlesyndication.com/sodar/ Frame A153 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:831::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin
*
content-length
8395
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Sun, 13 Feb 2022 16:17:00 GMT
expires
Mon, 13 Feb 2023 16:17:00 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 03 Mar 2020 20:15:00 GMT
content-type
text/html
age
49928
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
iab_consent_sdk.v1.0.js
live.primis.tech/content/ClientDetections/ Frame A1B8 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/iab_consent_sdk.v1.0.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778&cbuster=1644818948&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
gzip
last-modified
Wed, 12 Feb 2020 15:01:36 GMT
server
nginx
etag
W/"5e441350-4be0"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 14 Feb 2023 06:09:07 GMT
DetectGDPR2.v1.1.js
live.primis.tech/content/ClientDetections/ Frame A1B8 		9 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR2.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778&cbuster=1644818948&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-228f"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 14 Feb 2023 06:09:08 GMT
DetectGDPR.v1.1.js
live.primis.tech/content/ClientDetections/ Frame A1B8 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/ClientDetections/DetectGDPR.v1.1.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778&cbuster=1644818948&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
gzip
last-modified
Thu, 11 Feb 2021 09:45:48 GMT
server
nginx
etag
W/"6024fccc-1ef8"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 14 Feb 2023 06:09:07 GMT
hls.0.12.4_2.min.js
live.primis.tech/content/video/hls/ Frame A1B8 		256 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/hls/hls.0.12.4_2.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778&cbuster=1644818948&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
last-modified
Thu, 13 Aug 2020 08:36:05 GMT
server
nginx
etag
W/"5f34fb75-3ff27"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 14 Feb 2023 06:09:08 GMT
prebidVid.5.18.0_9.min.js
live.primis.tech/content/prebid/ Frame A1B8 		491 KB
178 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778&cbuster=1644818948&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
53ccee744c5db641ca9e37f041a302720b862edf02e7fdee87ba9cb66921a287

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 14:54:42 GMT
server
nginx
etag
W/"6203d5b2-7ad5b"
content-type
application/javascript
cache-control
max-age=31536000, public
expires
Tue, 14 Feb 2023 06:09:08 GMT
liveVideo.php
live.primis.tech/live/ Frame A1B8 		614 KB
168 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveView.php?s=102992&cbuster=2045151778&cbuster=1644818948&pubUrlAuto=https%3A%2F%2Fthesource.com%2F&videoType=flow&floatWidth=&floatHeight=&floatDirection=&floatVerticalOffset=&floatHorizontalOffset=&floatCloseBtn=&flowMode=&flowCloseButtonPosition=
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e0bf3aaab2e32a4f899654f635a47eb478d57a55ec1fe8facdaa71fc1b78baec

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:07 GMT
content-encoding
gzip
server
nginx
content-type
text/html; charset=UTF-8
si
googleads.g.doubleclick.net/pagead/drt/ Frame 59BD
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

date
Mon, 14 Feb 2022 06:09:08 GMT
x-content-type-options
nosniff
server
cafe
content-type
text/html; charset=UTF-8
location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
view
googleads4.g.doubleclick.net/pcs/ Frame 057B 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjst4f07lkBaw0YE5IVL1TkS4sdvkevw4cn7DUBltG-bNjpzjwFkw-KqzSKDI_HLnEPm1imkDD1kF4MJEW2KAuZDpoilg3IK_K4ZuilNk22kiFeZgpqzq2NW1I2sw43NwSyhzk5lFEMs-xuxql1Ie9CBYW3o5F3_Nw68cFXuu69rO95q-YT9uZezp19vRgWqn5jErU8FKGr6B48Y6-gcr6ndNSTZVJlLg8oyjTfoEB2YJ_CvyAULO3X2GLyaQ667YWpN2W45yc3Zrk4EkUwUPRp-JBm6D6KEXjpn18-wSC2xJV4McOyJj6cpQ78xbaJLSqFpgQXFjQlIJcJzDcyV3dhP12VXwkyeAdvoAPivFPY97gXieJ6tbGCknCIf4q_bz5sR5mkUGtZwgcZRpGgLKiuUKCUcGHS9eyLZNwkApc8ZyFicEq9KEqqKObrPkXAX_TyGlOv4guC8EzGLEvPkKTWbDMOPfSmKZgLgwiOdMC8kRt7fvXNdvg0D5Hpw88JyLQMZFdjzGBqi3YFWBf1AUdnli8d5iEpcZ00PVM5nZ0rqxIZu8fE8o52VFme9GeSoG0hUMHaGtgGjdBZSd0XvCcNh9S-ZJSpdQ9NH-Vh9betSDRhWGpyQeVM7cIz07PTNVJvucEH-E8s4HfbSTfNaUbPho2Pmht4kc5fwNgLKfTuuMgu8W-Q5jXRLRyfOy4pxKV3QrKom_NR1ShbUz3YU7SdqvZAz7wR0Mo77Ngo_GtM-KGkLI69KNtj2HYyP2DK38kL13Y13voxmCILvcSYR2_gn6dzWaR7VQERWWFKhmkjjCHJmfwdfg_2kxiK2JxOws5I7_D_eQRZayCQi-Ee3R48QwxPUIh4nCEpk-e32aXYJVlfr6admbukEGQJn7434wbUJJao6mOCvJWwWDE1_8DFIJbLjzmFkQVNETtxocpZutr1zSErwaT2hknURdIwxhJaPbk5y8ubll4ExS4qtx17VaNmxUKaukGqTR9tEBAp1mioSYKnYXOtXfRPcayW3jaw07l6kCITaq69-4mGCnnmz3jrUdeStwII7uiDDOfd8nToexGB3kfEcSi291GfCbnuoKzMmkNaKjV96QEJzGYAhfc3l58fOiQ_LI_TdCW8it8u9pzRwCUmRFz3jlMPfO-mGiqaYQLGWZ1iiO0aof8onRwlGiOGd2BO3boQ&sai=AMfl-YQWCUVk83FTdB4tddnGRbubJqF19v_ZPBGWgqEwrjtte32NZL50WzTEsbXzq-WHhm8EQMoYEJsHU50AzMUfrO85CrXSwzKvytiFq4SAJZDIJiZnlYVxnI1d8nVBenCr8CysrBKU86j7tFrN0UhlBgnSdV3eJIhQ0KM3vpHrqbEI-uVbOqrLwaGxIyy0tOCqUBI6skwnOJ-D69vYnl84SxjRMTxeLxgeR5CxlavX3VzmfAObz4Qfm0Ho4gRW3CnoJoPKXtjwUHrATOUPX6-uEbPpR2UpAsENuwvJIQoVh6Nj9DUUTvg4GApNemBGu_cX7bCchHbGQsoBC4DdwDW8p7Y1vLOpHPHCFpj2kWNUxbTv4QWfA10WadWiNeID_34jks9yCEF76dVfNMo&sig=Cg0ArKJSzP77rxiEHv0BEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=377&vt=11&dtpt=376&dett=2&cstd=0&cisv=r20220209.84099&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
rum
dsum-sec.casalemedia.com/ Frame 42F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLfCtLsBMAE&v=APEucNWi1WUBiisEXy-FssKMkksYGsLr8LA11xuibKP-O5qHMkqnrWNcbosOU7Tc1BLSGNDmuNnNPcYWUlXoSI3jwGUbtU1V2jbJPdRIyu53Gqw4-uZdBZI_YJ84Qbd_xtlFwF16uIf9LKzuL1MZhbnOMuM6-XpvliYijLAXw6fuZI77PfXcVpE
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 42F6
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgnyBJBcyJc9noldbsjVywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLfCtLsBMAE&v=APEucNWi1WUBiisEXy-FssKMkksYGsLr8LA11xuibKP-O5qHMkqnrWNcbosOU7Tc1BLSGNDmuNnNPcYWUlXoSI3jwGUbtU1V2jbJPdRIyu53Gqw4-uZdBZI_YJ84Qbd_xtlFwF16uIf9LKzuL1MZhbnOMuM6-XpvliYijLAXw6fuZI77PfXcVpE
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:09 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame 42F6
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDBiMyii-inLK2rz2tCokmU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDBiMyii-inLK2rz2tCokmU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLfCtLsBMAE&v=APEucNWi1WUBiisEXy-FssKMkksYGsLr8LA11xuibKP-O5qHMkqnrWNcbosOU7Tc1BLSGNDmuNnNPcYWUlXoSI3jwGUbtU1V2jbJPdRIyu53Gqw4-uZdBZI_YJ84Qbd_xtlFwF16uIf9LKzuL1MZhbnOMuM6-XpvliYijLAXw6fuZI77PfXcVpE
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:08 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
870d8a3e-aa83-476f-a36b-f815de0aee93
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDBiMyii-inLK2rz2tCokmU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 42F6
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1MTIxNTIwOTM1NTcwOTk%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1MTIxNTIwOTM1NTcwOTk%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGLfCtLsBMAE&v=APEucNWi1WUBiisEXy-FssKMkksYGsLr8LA11xuibKP-O5qHMkqnrWNcbosOU7Tc1BLSGNDmuNnNPcYWUlXoSI3jwGUbtU1V2jbJPdRIyu53Gqw4-uZdBZI_YJ84Qbd_xtlFwF16uIf9LKzuL1MZhbnOMuM6-XpvliYijLAXw6fuZI77PfXcVpE
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:08 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
a7f7ea76-78f0-4de5-9931-78364f6abf25
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTA1MTIxNTIwOTM1NTcwOTk%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E881
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
43 B
1013 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGITLtLsBMAE&v=APEucNXCPco2aaaJl9_K6Ai5zoFE7m9BlVx9MmtrpWRtudd9nyOLXrv5yn4eMM9_DKo_v55hFQ-emN8kpMfEJwVZ8_eMbL1rdAuMd5WDEs7CxC8s3q1gD7HA_q6wyuLFZEIoMwSNmApEIufrugoWbVUh4zg-kkb3sDjBP-31XXC9XdiMWPKQf5g
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:08 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:08 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame E881
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
  • https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
  • https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YgnyBJBcyJc9noldbsjVywAA
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
43 B
893 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGITLtLsBMAE&v=APEucNXCPco2aaaJl9_K6Ai5zoFE7m9BlVx9MmtrpWRtudd9nyOLXrv5yn4eMM9_DKo_v55hFQ-emN8kpMfEJwVZ8_eMbL1rdAuMd5WDEs7CxC8s3q1gD7HA_q6wyuLFZEIoMwSNmApEIufrugoWbVUh4zg-kkb3sDjBP-31XXC9XdiMWPKQf5g
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:09 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:09 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJYAPWMf7hZ1xGk_RFcp-nI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
ib.adnxs.com/ Frame E881
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
  • https://ib.adnxs.com/setuid?entity=101&code=CAESEDBiMyii-inLK2rz2tCokmU&google_cver=1
43 B
1014 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/setuid?entity=101&code=CAESEDBiMyii-inLK2rz2tCokmU&google_cver=1
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGITLtLsBMAE&v=APEucNXCPco2aaaJl9_K6Ai5zoFE7m9BlVx9MmtrpWRtudd9nyOLXrv5yn4eMM9_DKo_v55hFQ-emN8kpMfEJwVZ8_eMbL1rdAuMd5WDEs7CxC8s3q1gD7HA_q6wyuLFZEIoMwSNmApEIufrugoWbVUh4zg-kkb3sDjBP-31XXC9XdiMWPKQf5g
Protocol
HTTP/1.1
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:08 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
c4a1f637-5df5-4178-8097-e38e5dcac809
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ib.adnxs.com/setuid?entity=101&code=CAESEDBiMyii-inLK2rz2tCokmU&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
290
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame E881
Redirect Chain
  • https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
  • https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxNDI5NDc5NjEyMjA1MTM5Mg%3D%3D
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxNDI5NDc5NjEyMjA1MTM5Mg%3D%3D
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJb4yM4CEJ-0q4IDGITLtLsBMAE&v=APEucNXCPco2aaaJl9_K6Ai5zoFE7m9BlVx9MmtrpWRtudd9nyOLXrv5yn4eMM9_DKo_v55hFQ-emN8kpMfEJwVZ8_eMbL1rdAuMd5WDEs7CxC8s3q1gD7HA_q6wyuLFZEIoMwSNmApEIufrugoWbVUh4zg-kkb3sDjBP-31XXC9XdiMWPKQf5g
Protocol
H2
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:08 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
55751909-bcaa-413d-a899-09148eb61104
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=MTIxNDI5NDc5NjEyMjA1MTM5Mg%3D%3D
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gpt_2022020801&jk=664636754395447&bg=!V1SlVBDNAAbAtJCDwLQ7ACkAdvg8WsulMEwQqd9SpoOawGMHANhWU0uoFOuS_SxkC-rzCsbCOk-bZAIAAABTUgAAAARoAQeZAsK-1BTqv0vYxmV-OKq5bIDHjFiuBbwb_XP7-ud8nZopufhi4BYpt8q347Qg-cJzWEUmggS9Jzi--sjR4BJ82X0GQ99L2LcFx4MfuhQj-EUUFz0gcMYJVo_PNWVfPY8DkZVSU7EjfKCjqGavFBf1RKNO0gAwvYZTIpDsjHKPaNIu6lQ_laepHB20tXtn9joQva_ZbJKLGnqJGLzPfL4cherNc9-nRe_GRns76y_JYhQHpfxvOeVgxkJCcIGfkJqD6i7iuoq6sKnjMeJyJTu7mdy6deN4Je2alOcWChElI99SlDNgIVcr2rI3_3p28oVVTAYKrVApVUkf9JOo_jPJ0_hM3AANFDVElJnXIrHooo--cfsvvDfKGqwX4mR4Rj3bE_hIfW-vYE7BwZdrF4kJTsF_5EztralWWko4bOK3D90nWpP-UJaGulvmc7vsMmbr8W9zdsHDUmYlifYV9jwyuUFQMz0ArNdS1O4GrrFsu2fI1mGephEaWEbbdtSsylKMIXNyHIEm46GIRVWSnP4m2JHV2xeUE-_-FbTySPMACGcQaveVX_iko9xnufu-25rTaoNtX3acQbH1OgrlL1IvqkB-h1iQC6Wc5t6rLNQlRHm-bp-C-sGrF8yCvJd3yn3of8kbngSNZ0WsgWO4OdfRysz-eFi0ZepSbvEhX4AW9T2LvpuoJgmmOZIzeXYeki1_xuG2dmm5OWJ-_AOPxfw46j9O0dNc51Au-HY4M9wYdCnEhqpfaLo58ImKn5YyGYAVpQKXd8y3zikJSXFbsVmorefukKkjPbgtvw3uSr3X2Q1Dz6DkLS-Yud7p58bgrunBquuUMY_ACXYx4iCHv2p5-X1pvy4X_mSaFU3pI5dJxOpKnaGd-xGwqCjQLsDJZDZHfsnQh8C7EEMvEIrIfk9d1IXJeHp1KuWALVioSC5cilaarBf0
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
view
googleads4.g.doubleclick.net/pcs/ Frame A7F7 		0
23 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssOfw9yNvsI0lXnzIGMKeOa1Rd-3IYe91hsnB_-twXHzKpEFxwhJsRXakv9WMN8OkXM_HONaCNlqN35FJ6jNrJ6aU0gmqoTO4CtvdeIZGCYnJMzxNKI-h5HAW4c5q_rQ-_fY6MQeY5h8WQRvJp4or3bK-VlWRQGbzcdQB84GZTWELeUAUWazmb1HH0uBvKJtJSbjn7NRFr9OfKayo2aNLwJ5Y0TZkyXWlRaFOb9Hsc-88riDwxc1X02AdiXPF797uIqja47VVX9zs2LcogNyaEwB5oLEK60jnMUuQo1KydJNMDA3sNa7q79ZVdqfnbHSYBGRGbJxDJcZgENfrxDfY_pnOfYe1MefHtvmlT3FpLBjDkKROKX6rWb08aOQl2xf42Wnrpsf40ms7-xm0fb1t__WomdAnqsDBb66uTyoDbax2mlCAe5Zua-6P9aVBFdRevXgFHUm7xwVpQq4WKkeBxlkw41iYRlnPwcy2TO2PYBNrOKL1klgPyziLTBmii73Nw3KfCee2cDxRdXMy35repjBXfXBEdiYjbH1H2FpKHFf0cgFZgUqJHfWrOjDZdhw_W4FQCV3BWMxKdUod1ogwCCKNZjkBVQ4jK4wtycMmxjMkKVbEWjIZlDv78cWfmlceN67y98OOa8yEzHzaW6OnBERzxJ2TviLhpKsU4zGjv4W-OG2wj4eyZ8gx3CE3w8XmlS3itsT0in0GpnHuf6PE3L8tI7Ic1lBTxgS2Zngz8XIoueb2cI6cAt8vf5O_ignWASJJakaslcKX35PpESu2Yfki2hkURVgS2CJatrtYpajSJFnWNRP7meAMsgJY3Rv_bCza-Ygnawxaf5pXbjuJLUVO0VeaYiNlnWxsC2EVt9Z2IJA3diARL8UILdUkJ0B0yiNvD9kj--2Y8FEE7XLyWHgkwDdce4a4SrDZ2L1yhXlmq2-hkZaEdjAH8l7N6gF2a7_3gR8YwudmRVDbagj7Uxp9t8Gmr9_C_aRV-vyZbZzy_qbr97oV1rN4OOSSxSScIqwUxOO1A1H8Y_PDDDmGQ6EyBI7EZQFJRo0kelCUom7h53mctzb3l5-2DX1mP6LMiBY_uE4qUpoR6fs4a2nvcPYmneXPc9J1zwO3uYm2Dt0201&sai=AMfl-YSod8oQ3-r6yKTg_raYa7PdzylqT5MfRlT3-Teu1HhLIsHxFjZ7mPhXzbZLKFsIZMDrsI7GhhlKQvaarRmVbVLwVp1hMhUK4cNCfCjzi2d0REH0sFtAzGfEE_ZRsNoB87p5qD8UCa7MGrkbhtnAipMjI0t6p1wPCthuL7UKsTP2ciaG5aQ08dV7oVQ1n8qQT2nfBOqKHl6OUwT1ixhU2fXcKdYMvViViKbk-T4WiadJ33c0CEZ8mSUZhYYa5uHWIphX7IH1mvXBB_N6khUrC4Nd-wJQdU_entr0Vflp0eGc3CG9KcR-srqpwCowBHz5-SdMbkWFUTAJxC04IfhR1WgXLiGQxL-FgIR5NP3G1MFPpJLYx-IpjYBGVhSUsVl8L_fjMTdURPYJ5t4&sig=Cg0ArKJSzOMEzSrsehIkEAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=403&vt=11&dtpt=401&dett=2&cstd=0&cisv=r20220209.88345&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:08 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
si
googleads.g.doubleclick.net/pagead/drt/ Frame 97D9
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
URL: https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 14 Feb 2022 06:09:08 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Mon, 14 Feb 2022 06:09:08 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Mon, 14 Feb 2022 06:09:08 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js
pagead2.googlesyndication.com/bg/ Frame 7FAB 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 07:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
81325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13483
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 07:33:43 GMT
PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js
pagead2.googlesyndication.com/bg/ Frame A153 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/PUCLGob25V5To4ZA0QrG8QFJpfKRC6B4XbMmUjSZFR8.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 07:33:43 GMT
content-encoding
br
x-content-type-options
nosniff
age
81325
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13483
x-xss-protection
0
last-modified
Tue, 08 Feb 2022 16:08:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Mon, 13 Feb 2023 07:33:43 GMT
primisslate.css
live.primis.tech/content/video/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/content/video/css/primisslate.css
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
last-modified
Wed, 09 Feb 2022 07:06:30 GMT
server
nginx
etag
W/"620367f6-465a"
content-type
text/css
apstag.js
c.amazon-adsystem.com/aax2/ Frame A1B8 		134 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
Server /
Resource Hash
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
HISltcT4EtRtqxCZ_leiYbAE6TJJFUPD
content-encoding
gzip
etag
c1da564f59b83b9805e8df92eca012f5
age
128
x-cache
Hit from cloudfront
server
Server
x-amz-rid
167D0800X4M2C73S86V4
date
Mon, 14 Feb 2022 06:07:03 GMT
vary
Accept-Encoding
content-type
application/javascript
via
1.1 b83a899c16a2f53127e152fe5fc783a4.cloudfront.net (CloudFront)
cache-control
public, max-age=900
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
timing-allow-origin
*
x-amz-cf-id
UkXIOzbtRHKFfFBX5X9n7m_LSAhv3kfQUQDRru61ked7jQuXLWK39Q==
css
fonts.googleapis.com/ Frame 7078 		2 KB
549 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto&display=swap
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 05:21:44 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Feb 2022 06:09:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Feb 2022 06:09:08 GMT
css
fonts.googleapis.com/ 		1 KB
431 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Poppins&display=swap
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Mon, 14 Feb 2022 05:31:15 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Mon, 14 Feb 2022 06:09:08 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Mon, 14 Feb 2022 06:09:08 GMT
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 8125 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=140199
expires
Tue, 15 Feb 2022 21:05:47 GMT
date
Mon, 14 Feb 2022 06:09:08 GMT
vary
Accept-Encoding
liveCS.php
live.primis.tech/live/ Frame DF11
Redirect Chain
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://sync.search.spotxchange.com/partner?adv_id=8805&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D94%26advUuid%3D%24...
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=94&advUuid=9f45b308-8d5c-11ec-a92a-10b91cd50206
0
223 B 		Document
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=94&advUuid=9f45b308-8d5c-11ec-a92a-10b91cd50206
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

server
nginx
date
Mon, 14 Feb 2022 06:09:09 GMT
content-type
text/html; charset=utf-8
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
pragma
no-cache
age
0
content-encoding
gzip

Redirect headers

Server
nginx
Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Type
text/plain
Content-Length
0
Connection
keep-alive
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=94&advUuid=9f45b308-8d5c-11ec-a92a-10b91cd50206
X-fe
99
Access-Control-Allow-Methods
GET, POST, OPTIONS
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
false
Cache-Control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
cm
u.openx.net/w/1.0/ Frame 98F8 		43 B
131 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/cm?id=476b50d3-5ccf-49a1-89b8-1ddf8ea18042&r=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D98%26advUuid%3D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
pragma
no-cache
p3p
CP="CUR ADM OUR NOR STA NID"
expires
Mon, 26 Jul 1997 05:00:00 GMT
date
Mon, 14 Feb 2022 06:09:08 GMT
content-type
text/html
content-length
56
content-encoding
gzip
cache-control
private, max-age=0, no-cache
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
sync.html
s.console.adtarget.com.tr/ Frame C3BD 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://s.console.adtarget.com.tr/sync.html?aid=556966
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
2a06:8640:628:0:ec4:7aff:fe94:33ae Piscataway, United States, ASN55081 (24SHELLS, US),
Reverse DNS
Software
Adtelligent /
Resource Hash
27adb19784b26d883666762a693f152c93e26a6791d742ecbe6ede8853a8de98

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

Server
Adtelligent
Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Type
text/html; charset=UTF-8
Content-Length
914
Access-Control-Allow-Origin
https://thesource.com
Access-Control-Allow-Credentials
true
Connection
Keep-Alive
Content-Encoding
gzip
liveView.php
live.primis.tech/live/ Frame A1B8 		176 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTQmOCUlRaZcZGViXmYkNwVuYmtjYmNuODUkNwt4MTQkNTMyMxZ2nWQ2MWY5YwQlZDImOGQ1MmU2NDM5Nwx1Lz1jNCZ2nWRsY29hqGVhqF9cZD0lMDYlNmMkJaZcZF9wo250ZW50X2Ryp2M9Vz9cY2VmK29zK1RbZSgDqWk0qXJyJTNBK0gypaJ5K1qup2ucozq0o24eKl0eQWyhJTI3qCgJK1qioWFhJaZcZF9wo250ZW50X3RcqGkyPVZinWNyplgiZvgUnGUeQ3VfqHVlZSUmQSgLZXJlrSgXYXNbnW5aqG9hKlfgK0FcovUlN3QeSSgXo21uovZ2nWRsY29hqGVhqF9xqXJuqGyiow0kOTAzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK251oUNuoXBunWqhp0F1Y3Rco24eJTJGKmEeJTJGKmE1Jat9NTU2Jax9MmEmJaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMwJEMmEmNDVGMmAmODqEN0I3MmMkMmMmNmMmMmQmNwM1MmA3RDqCNDMmNTM3N0Q3QwUmNwQ0NmY4NxM2MmMlMmxmMTYmNxQ0RTZDNEM2RDRFNmY2MwUkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNTM2MmM3RDqCNTxmMmMkMmp3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp2MwZFNTY3NDUkMmI0Nwp0NwM0NmQ2NmA1QTMlMmU3QTUkNTt1NwZBNwQ0NmZDNmY2MwY5NDE3NwQ5NDQ0NTY3NEM3OTQkNmt0RTUkM0QmRDqEN0I0QmM3MmpmNmMlN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw04Mv4kOTxhMTMjLwM5JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5OC4jLwQ3NTthODAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwIjOWYlMDQ0NDM5MSZwYaVmqGVlPTE2NDQ4MTt5NTA1NTMzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
601ece30ae9b8f10b3ee32431ecfab8e584ecd8c8441dfc936e61bfa381d6060

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://thesource.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
14732
liveView.php
live.primis.tech/live/ Frame A1B8 		176 KB
15 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0kJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTQmOCUlRaZcZGViXmYkNwVuYmtjYmNuODUkNwt4MTQkNTMyMxZ2nWQ2MWY5YwQlZDImOGQ1MmU2NDM5Nwx1Lz1jNCZ2nWRsY29hqGVhqF9cZD0lMDYlNmMkJaZcZF9wo250ZW50X2Ryp2M9Vz9cY2VmK29zK1RbZSgDqWk0qXJyJTNBK0gypaJ5K1qup2ucozq0o24eKl0eQWyhJTI3qCgJK1qioWFhJaZcZF9wo250ZW50X3RcqGkyPVZinWNyplgiZvgUnGUeQ3VfqHVlZSUmQSgLZXJlrSgXYXNbnW5aqG9hKlfgK0FcovUlN3QeSSgXo21uovZ2nWRsY29hqGVhqF9xqXJuqGyiow0kOTAzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK251oUNuoXBunWqhp0F1Y3Rco24eJTJGKmEeJTJGKmE1Jat9NDAjJax9MwI1JaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMwJEMmEmNDVGMmAmODqEN0I3MmMkMmMmNmMmMmQmNwM1MmA3RDqCNDMmNTM3N0Q3QwUmNwQ0NmY4NxM2MmMlMmxmMTYmNxQ0RTZDNEM2RDRFNmY2MwUkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNTM2MmM3RDqCNTxmMmMkMmp3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp2MwZFNTY3NDUkMmI0Nwp0NwM0NmQ2NmA1QTMlMmU3QTUkNTt1NwZBNwQ0NmZDNmY2MwY5NDE3NwQ5NDQ0NTY3NEM3OTQkNmt0RTUkM0QmRDqEN0I0QmM3MmpmNmMlN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw04Mv4kOTxhMTMjLwM5JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5OC4jLwQ3NTthODAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwIjOWYlMDQ0NDM5MSZwYaVmqGVlPTE2NDQ4MTt5NTA1NTQzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
78e8dcb768cd94f0bc2a79cde3473ff7d3c207964eea74c905971276c6dd3e81

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://thesource.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
14753
liveView.php
live.primis.tech/live/ Frame A1B8 		27 KB
5 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://live.primis.tech/live/liveView.php?hash=pm01ODA1NlZ2nWRsqzFmqFRcoWViqXQ9LTEzqzyxX3Zup3RUrXByPTMzqzyxX3BfYXyypyZypw0mLwEhMCZ2nWRsqzyyq2FvnWkcqHyTqGF0ZT0jJaZcZF9wo250ZW50X3VloD1bqHRjplUmQSUlRvUlRaZcZGViLaBlnW1cpl50ZWNbJTJGqXBfo2FxplUlRzNhNSUlRaZcZGViJTJGqXNypaMyMxZwo252ZXJ0ZWQyMxYlOTQmOCUlRaZcZGViXmYkNwVuYmtjYmNuODUkNwt4MTQkNTMyMxZ2nWQ2MWY5YwQlZDImOGQ1MmU2NDM5Nwx1Lz1jNCZ2nWRsY29hqGVhqF9cZD0lMDYlNmMkJaZcZF9wo250ZW50X2Ryp2M9Vz9cY2VmK29zK1RbZSgDqWk0qXJyJTNBK0gypaJ5K1qup2ucozq0o24eKl0eQWyhJTI3qCgJK1qioWFhJaZcZF9wo250ZW50X3RcqGkyPVZinWNyplgiZvgUnGUeQ3VfqHVlZSUmQSgLZXJlrSgXYXNbnW5aqG9hKlfgK0FcovUlN3QeSSgXo21uovZ2nWRsY29hqGVhqF9xqXJuqGyiow0kOTAzZGVvqWqJozZipz1uqGyiow1BQyQeJTJGK251oUNuoXBunWqhp0F1Y3Rco24eJTJGKmEeJTJGKmE1Jat9NTU2Jax9MmEmJaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzpzx9NxM2OTp2NwU1Mmp0NwE3NDpmN0M3MmZCMmE3QwU0MmA3RDqCNwQmMwMjMmImMwJEMmAmMwJEMmEmNDVGMmAmODqEN0I3MmMkMmMmNmMmMmQmNwM1MmA3RDqCNDMmNTM3N0Q3QwUmNwQ0NmY4NxM2MmMlMmxmMTYmNxQ0RTZDNEM2RDRFNmY2MwUkM0QmRDqEN0I2MwYmNwt3MwZGNxQ2NTqEN0I3MTY0NwU3MmZCNmQ2RwpjN0Q3QwZGNmp2OTZFNwQ2Rwp3NmM3RDqCNTtmNTM2MmM3RDqCNTxmMmMkMmp3RDqCNwYmMTqEN0I3MwUkNTU0QTU1NDx0MmM4Nwp2MwZFNTY3NDUkMmI0Nwp0NwM0NmQ2NmA1QTMlMmU3QTUkNTt1NwZBNwQ0NmZDNmY2MwY5NDE3NwQ5NDQ0NTY3NEM3OTQkNmt0RTUkM0QmRDqEN0I0QmM3MmpmNmMlN0RGRUZFJzymQXBjPTAzZ2ViTGF0nT01MS4lOTxmJzqyo0kiozp9OS40OTEzqXNypxyjQWRxpw04Mv4kOTxhMTMjLwM5JaVmZXJVQT1No3ccoGkuJTJGNS4jKlUlOFqcozRiq3MeTyQeMTAhMCUmQvgXnW42NCUmQvg4NwQyMwxeQXBjoGVXZWJLnXQyMxY1MmphMmYeJTI4S0uUTUjyMxMeoGyeZSgHZWNeolUlOSgDnHJioWUyMxY5OC4jLwQ3NTthODAeU2FzYXJcJTJGNTM3LwM2JaBfYXyypxFjnUyxPSZwp3V1nWQ9NwIjOWYlMDQ0NDM5MSZwYaVmqGVlPTE2NDQ4MTt5NTA1NTtzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MA==
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
4758cce50cbad1a6e5f0837c18ecaedc24f06e9de307a4a09c80b9a86b49a6d6

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
https://thesource.com
cache-control
no-store
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
content-length
5267
vid61f9b42d238d5356439695_thumb.jpg
video.primis.tech/uploads/cn5/video/users/converted/29438/video_6165ac80c3a85168814153/ Frame 7078 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn5/video/users/converted/29438/video_6165ac80c3a85168814153/vid61f9b42d238d5356439695_thumb.jpg?cbuster=1643754922
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
0fb2137cee5ff2d5319f1c359409d007448aa8e43f6c0ef5ddb0f546c9c4bdb2

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
via
1.1 4d2109dc7bb96c2f47ec0ce40f98fe16.cloudfront.net (CloudFront)
last-modified
Tue, 01 Feb 2022 22:35:23 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"b8a1dc7005cc0ad17467d31b6ce248e1"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 06:09:08 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
2651
x-amz-cf-id
OrYEe5YlEVrDt7V9hvaH9vxElJSO2BEq1Ix0pRWaQKd803qzAI5LXw==
x-proxy-cache
HIT
vid61f9aff3d865c334277454_thumb.jpg
video.primis.tech/uploads/cn5/video/users/converted/29438/video_6165ac80c3a85168814153/ Frame 7078 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn5/video/users/converted/29438/video_6165ac80c3a85168814153/vid61f9aff3d865c334277454_thumb.jpg?cbuster=1643753817
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
3300e36eba7b673bad62144fe66976f1bf29392bbd35a07b76f468e3ebb3a459

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
via
1.1 231be1c97cc722fa08b64d21072ebfac.cloudfront.net (CloudFront)
last-modified
Tue, 01 Feb 2022 22:15:49 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"c0ee1384e98cf96ef929249121df9152"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 06:09:08 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1827
x-amz-cf-id
83f3ilkrbneTrCrjlDLd_c3fZ_v6Tul2EMMSZsXur5SdW5UV8w0OFA==
x-proxy-cache
HIT
vid61f86c9b71b01487752729_thumb.jpg
video.primis.tech/uploads/cn4/video/users/converted/29438/video_6165ac80c3a85168814153/ Frame 7078 		688 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn4/video/users/converted/29438/video_6165ac80c3a85168814153/vid61f86c9b71b01487752729_thumb.jpg?cbuster=1643673985
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
7f4611610e7eb4cc59298007c3a5adadb6d2417aea7fd0fedcd9cf8fbd52f674

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
via
1.1 8774389ba30eacd908b7572400bf30e6.cloudfront.net (CloudFront)
last-modified
Mon, 31 Jan 2022 23:13:21 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"1a1709856dfeac0f9c61f747c3f24534"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 06:09:08 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
688
x-amz-cf-id
KfX2tKSJdaXUJbTVaouyXAyKN8Xm4F7klKxSsmxk-pj8Iu3DZ3OUZQ==
x-proxy-cache
HIT
vid61f86ac5b67c2727585347_thumb.jpg
video.primis.tech/uploads/cn4/video/users/converted/29438/video_6165ac80c3a85168814153/ Frame 7078 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn4/video/users/converted/29438/video_6165ac80c3a85168814153/vid61f86ac5b67c2727585347_thumb.jpg?cbuster=1643673945
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
c5181719604064106aabc26726729f88fdc69281de2fabbe1cc42f169e43ca2e

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
via
1.1 dc0aad619823d3400ef947433d0af8fa.cloudfront.net (CloudFront)
last-modified
Mon, 31 Jan 2022 23:06:03 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"56abb881eb046350a02ea1e567b3cc1b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 06:09:08 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
1146
x-amz-cf-id
VELYNeQL9t105Bm-A92XgoJXvJ3d5lYiSQlrYJO3L4KVB9XBEijyCA==
x-proxy-cache
HIT
vid61f87906be67c290576506_thumb.jpg
video.primis.tech/uploads/cn4/video/users/converted/29438/video_6165ac80c3a85168814153/ Frame 7078 		635 B
1003 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn4/video/users/converted/29438/video_6165ac80c3a85168814153/vid61f87906be67c290576506_thumb.jpg?cbuster=1643673887
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
061bee66b2175b421dab982278b8d7d077aa50c9d54a364a7cba161c64e7dcf1

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
via
1.1 968007545c497b68cc41825f11e930ba.cloudfront.net (CloudFront)
last-modified
Tue, 01 Feb 2022 00:05:52 GMT
server
Tengine
x-amz-cf-pop
FRA60-P3
etag
"6a89b4d3bffebd68415508dddbc7e5a6"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 06:09:08 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
635
x-amz-cf-id
lZRhe0tR6m2mYZQyi4yF1iZNzNlcz6n6qj2tVZ7Uz3tSXtwaJhUIzw==
x-proxy-cache
HIT
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTUjJaNypaZypyRcoWU9MTY0NDtkODx0OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAlOTxlJaN0YT0jJat9NTYmJax9MmE3JaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlMG51oUNuoXBunWqhp0F1Y3Rco24yMwAyMxYyMwAkJTIjJTJGJTIjMTUznXNBpHA9MCZlnT02QmY5NmY2NTUmNmQ2MTp0NmM3QmpmNxImMTqCNTQmMDqEN0I2NDMlMmAmMwMlMxQmMDMlMxQmMTM0NUYmMDM4N0Q3QwpmMmEmMmM3MmMmNDM2MmUmMDqEN0I0MmM1Mmp3RDqCNTM2NDQ3Nwt2QmYmMmImOTMkNwM2RDRFNxM0QmZENEU3NwYlNTEmRDNEN0Q3QwYlNwM2ODplNxY2RDY1N0Q3QwpkNwQ2NTpmNxI3NDZGNmA3RDqCNxY3NmY5NxU2NDZGNmp3MmqEN0I1ODM1MmYmMmqEN0I1OTMmMmEmNmqEN0I2NwMkN0Q3QwplNTE1NTRBNTU0OTQmMmt2NmYlNxU1Nwp0NTEmMwQ2NmQ2MmQ3NDY3MDVBMmImNTqBNTE1ODU2NxE2NDQ3NxM3NwYlNwx0MTp2NDx0NDQ1Nwp0Qmp5NDE3ODRFNTEmRDNEN0Q3QwRDMmpmNmM3MmI3REZFRxUzZGyunWQ9JaVmZXJJpEFxZHI9ODIhMTx5LwEmMC4mOSZ1p2VlVUE9TW96nWkfYSUlRwUhMCUlMCUlOFqcozRiq3MyMwBOVCUlMDEjLwAyM0IyMwBXnW42NCUmQvUlMHt2NCUlOSUlMEFjpGkyV2VvS2y0JTJGNTM3LwM2JTIjJTI4S0uUTUjyMxMyMwBfnWgyJTIjR2Vwn28yMwxyMwBDnHJioWUyMxY5OC4jLwQ3NTthODAyMwBTYWZupzxyMxY1MmphMmYzY3N1qWyxPTYlMDyzMwA0NDQmOTEzY29hqGVhqEZcoGVJZD0jJz1yZGyuUGkurUkcp3RJZD0jJz1yZGyuTGymqEyxPTAzZ2Rjpw0kJzqxpHJDo25mZW50PSZcp1qyUGFmp0qxpHI9MCZwY3BuPTAzY2NjYUNioaNyoaQ9JzNvqXN0ZXI9MTY0NDtkODx1MDU0NSZ1nWQ9U2VenW5xo1NQoGF5ZXI2MwA5ZwIjNDZxZTJzJaB1YyVloD1bqHRjplUmQSUlRvUlRaRbZXNiqXJwZS5wo20yMxYzZzkiYXRTqGF0qXM9ZzFfp2UzZWyxp3A9pHJyYzyx
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
sync
x.bidswitch.net/ Frame A1B8 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=sekindo&gdpr=1&gdpr_consent=
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.161.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-161-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:09 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame A1B8
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D93%26advUuid%3D%7Bdevice_id%7D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=93&advUuid=e069e9cf-ad40-407f-b6d5-38007c72d9c9
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=93&advUuid=e069e9cf-ad40-407f-b6d5-38007c72d9c9
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=93&advUuid=e069e9cf-ad40-407f-b6d5-38007c72d9c9
date
Mon, 14 Feb 2022 06:09:08 GMT
server
_
content-length
0
liveCS.php
live.primis.tech/live/ Frame A1B8
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=192962&cb=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D99%26advUuid%3D
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=99&advUuid=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=99&advUuid=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:09 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=99&advUuid=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
334
Expires
Mon, 14 Feb 2022 06:09:09 GMT
liveCS.php
live.primis.tech/live/ Frame A1B8
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofiles_engine%252FProfilesEngineServl...
  • https://eb2.3lift.com/getuid?ld=1&gdpr=1&cmp_cs=&us_privacy=&redir=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26pixel%3Dhttps%253A%252F%252Fsync.intentiq.com%252Fprofile...
  • https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D4442326126424...
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D4442326126424788785380&advId=121&advUuid=4442326126424788785380
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

location
https://live.primis.tech/live/liveCS.php?source=external&pixel=https%3A%2F%2Fsync.intentiq.com%2Fprofiles_engine%2FProfilesEngineServlet%3Fat%3D20%26mi%3D10%26dpi%3D259151345%26pcid%3D4442326126424788785380&advId=121&advUuid=4442326126424788785380
date
Mon, 14 Feb 2022 06:09:09 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync.php
pixel.rubiconproject.com/exchange/ Frame A1B8 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=primis
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
liveCS.php
live.primis.tech/live/ Frame A1B8
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D105%26advUuid%3D%24UID
  • https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=105&advUuid=50512152093557099
0
223 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=105&advUuid=50512152093557099
Requested by
Host: thesource.com
URL: https://thesource.com/
Protocol
H2
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
cache-control
no-store
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:09 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 692.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
be2e1e9b-f3b8-4618-88ef-a4925aad07ac
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://live.primis.tech/live/liveCS.php?source=external&csuuid=6209f20444391&pixel=&advId=105&advUuid=50512152093557099
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
vid61f9b42d238d5356439695.jpg
video.primis.tech/uploads/cn5/video/users/converted/29438/video_6165ac80c3a85168814153/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn5/video/users/converted/29438/video_6165ac80c3a85168814153/vid61f9b42d238d5356439695.jpg?cbuster=1643754922
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
8dd7e1b7d4208d65bd549e8ba650f5b9e79772efc3024ac9f4ec0063b61760d4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
via
1.1 071c6d250f90381986ebbec31df7b7e4.cloudfront.net (CloudFront)
last-modified
Tue, 01 Feb 2022 22:35:21 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"0b74481d4d34f8371ad285f26caced8b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 06:09:08 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
21233
x-amz-cf-id
IsSTpTFx-S45uP79v9fdM8aFwWtUe1_PfbkH3KfPZhJGfxys0rZiZQ==
x-proxy-cache
HIT
pxiEyp8kv8JHgFVrJJfecg.woff2
fonts.gstatic.com/s/poppins/v19/ 		8 KB
8 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/poppins/v19/pxiEyp8kv8JHgFVrJJfecg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Poppins&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Wed, 09 Feb 2022 19:30:15 GMT
x-content-type-options
nosniff
age
383934
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7884
x-xss-protection
0
last-modified
Wed, 26 Jan 2022 19:17:03 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Thu, 09 Feb 2023 19:30:15 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ Frame 7078 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto&display=swap
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://thesource.com
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Fri, 11 Feb 2022 09:48:03 GMT
x-content-type-options
nosniff
age
246066
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
15688
x-xss-protection
0
last-modified
Wed, 22 Sep 2021 16:13:19 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Sat, 11 Feb 2023 09:48:03 GMT
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ Frame A1B8 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-95-188.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
eaU6ir6qmGswM2SGRmLi7PKhBcBrRdvn
content-encoding
gzip
etag
W/"a4d296427fc806b21335359e398c025c"
age
11918
x-cache
Hit from cloudfront
access-control-max-age
3000
access-control-allow-origin
*
last-modified
Fri, 21 Jan 2022 02:54:57 GMT
server
AmazonS3
date
Mon, 14 Feb 2022 03:24:45 GMT
vary
Origin
access-control-allow-methods
GET
content-type
application/javascript
via
1.1 9eb0e845437929074828e0cf53f179ae.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA50-C1
x-amz-cf-id
rkkCd07_aRIpBBFWOF6PREYIbqjeaCrL0Bmy2R82FvRoT4OQKX77fA==
openrtb
adx.adform.net/adx/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept
*/*
Access-Control-Request-Method
POST
Access-Control-Request-Headers
content-type
Origin
https://thesource.com
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Sec-Fetch-Mode
cors

Response headers

server
nginx
date
Mon, 14 Feb 2022 06:09:09 GMT
access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
POST,OPTIONS
access-control-allow-origin
https://thesource.com
access-control-max-age
86400
allow
POST,OPTIONS
cache-control
no-cache, no-store, must-revalidate, no-transform
expires
-1
pragma
no-cache
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security
max-age=31536000; includeSubDomains
swfIndex.php
ads.stickyadstv.com/www/delivery/ Frame A1B8 		67 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.stickyadstv.com/www/delivery/swfIndex.php?reqType=AdsSetup&protocolVersion=2.0&zoneId=14000367&componentId=prebid&componentSubId=mustang&timestamp=1644818950803&pKey=-672410630&_fw_gdpr_consent=&_fw_gdpr=true&loc=https%3A%2F%2Fthesource.com%2F&playerSize=556x313&schain=1.0%2C1!primis.tech%2C29438%2C1%2C%2C%2C
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.21.142.210 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-21-142-210.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:09 GMT
Server
nginx
Content-Type
application/xml;charset=UTF-8
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
max-age=0, no-cache, no-store
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
67
x-sticky-vk
1644818949019099-360
Expires
Mon, 14 Feb 2022 06:09:09 GMT
cygnus
htlb.casalemedia.com/ Frame A1B8 		36 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=491831&v=8.1&ac=j&sd=1&nf=1&r=%7B%22id%22%3A%2234d12c950bf75c%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthesource.com%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22mfu%22%3A0%2C%22bu%22%3A0%2C%22iu%22%3A1%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A1%2C%22ren%22%3Afalse%2C%22version%22%3A%225.18.0%22%2C%22userIds%22%3A%5B%5D%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2248505531199357%22%2C%22ext%22%3A%7B%22siteID%22%3A%22491831%22%2C%22dfp_ad_unit_code%22%3A%22%2F102992%22%2C%22sid%22%3A%22556x313%22%2C%22fl%22%3A%22x%22%7D%2C%22video%22%3A%7B%22playerSize%22%3A%5B%5B556%2C313%5D%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22minduration%22%3A1%2C%22maxduration%22%3A200%2C%22protocols%22%3A%5B1%2C2%2C3%2C4%2C5%2C6%5D%2C%22linearity%22%3A1%2C%22api%22%3A%5B1%2C2%5D%2C%22placement%22%3A1%2C%22startdelay%22%3A0%2C%22skip%22%3A1%2C%22w%22%3A556%2C%22h%22%3A313%7D%2C%22bidfloor%22%3A2.6%2C%22bidfloorcur%22%3A%22USD%22%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22primis.tech%22%2C%22sid%22%3A%2229438%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-37-38-181.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
615eb206011d97e02bb9fbc4ab3e560b25ffaff03eb2ee3028521a9df90ac413

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
x-ak-initial-geo
CC:[GB], RC:[EN], CN:[EU], CIP:[82.199.130.39], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://thesource.com
x-cs-client-geo
27
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
36
x-ak-client-geo
27
expires
Mon, 14 Feb 2022 06:09:09 GMT
avjp
primis-d.openx.net/v/1.0/ Frame A1B8 		106 B
173 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://primis-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fthesource.com%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=eaaa7399-01b0-4040-81a8-2a3d16fa89f4&nocache=1644818950809&gdpr_consent=&gdpr=1&schain=1.0%2C1!primis.tech%2C29438%2C1%2C%2C%2C&skip=1&auid=540289187&vwd=556&vht=313&aucs=adUnit_15&aumfs=2600
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
via
1.1 google
server
OXGW/17.1.0
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://thesource.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
106
expires
Mon, 26 Jul 1997 05:00:00 GMT
prebid
prebid.media.net/rtb/ Frame A1B8 		1 KB
837 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.media.net/rtb/prebid?cid=8CU695QH7
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
139.148.107.34.bc.googleusercontent.com
Software
nginx /
Resource Hash
b23f183ed5ad9e60fc0bfa5c13f2962e773323b04a4474713183fe24b526642d

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
server
nginx
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
via
1.1 google
openrtb
ads.adaptv.advertising.com/rtb/ Frame A1B8 		0
214 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=PrimisTwoHB
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.136.79 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-136-79.eu-central-1.compute.amazonaws.com
Software
adaptv/1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesource.com
access-control-allow-credentials
true
server
adaptv/1.0
Connection
keep-alive
content-length
0
content-type
application/json
translator
hbopenbid.pubmatic.com/ Frame A1B8 		0
114 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
204.237.133.116 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://thesource.com
date
Mon, 14 Feb 2022 06:09:09 GMT
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
openrtb
adx.adform.net/adx/ Frame A1B8 		0
407 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://adx.adform.net/adx/openrtb
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.40 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
application/json

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
POST,OPTIONS
p3p
CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
expires
-1
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A1B8 		173 B
401 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.153.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-153-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
2ad9429260f9dd7f1486e311beef3c823181a6758bcb245ca00727181bad4d3d

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
x-prebid
pbs-java/1.82.0
content-type
application/json
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
v1
prg.smartadserver.com/prebid/ Frame A1B8 		0
335 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prg.smartadserver.com/prebid/v1
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.139.58 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:08 GMT
vary
Origin
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin
https://thesource.com
cache-control
no-cache,no-store
access-control-allow-credentials
true
content-type
application/json; charset=UTF-8
content-length
0
196297
search.spotxchange.com/openrtb/2.3/dados/ Frame A1B8 		0
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://search.spotxchange.com/openrtb/2.3/dados/196297?src_sys=prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Date
Mon, 14 Feb 2022 06:09:09 GMT
X-SpotX-Timing-Transform
0.000285
X-SpotX-Timing-SpotMarket
0.006881
X-SpotX-Timing-Page-Mux
0.000239
X-SpotX-Timing-Page-Require
0.000295
X-fe
098
Connection
keep-alive
X-SpotX-Timing-Page-Cookie
0.000018
X-SpotX-Timing-Page
0.011224
Pragma
no-cache
X-SpotX-Timing-Page-Context
0.000279
Last-Modified
Mon, 14 Feb 2022 06:09:09 GMT
Server
nginx
Cache-Control
no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary
0.006881
Access-Control-Allow-Methods
POST, GET, PATCH, DELETE, OPTIONS
Content-Type
application/json
Access-Control-Allow-Origin
https://thesource.com
X-SpotX-Timing-Page-Misc
0.003216
X-SpotX-Timing-Page-Exception
0.000001
X-SpotX-Timing-SpotMarket-Secondary
0.000000
X-SpotX-Timing-Page-URI
0.000010
Access-Control-Allow-Credentials
true
Access-Control-Allow-Headers
Expires
Thu, 01 Jan 1970 00:00:00 GMT
vid61f9b42d238d5356439695.jpg
video.primis.tech/uploads/cn5/video/users/converted/29438/video_6165ac80c3a85168814153/ 		21 KB
21 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://video.primis.tech/uploads/cn5/video/users/converted/29438/video_6165ac80c3a85168814153/vid61f9b42d238d5356439695.jpg?cbuster=1643754922
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
185.167.96.10 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
Tengine /
Resource Hash
8dd7e1b7d4208d65bd549e8ba650f5b9e79772efc3024ac9f4ec0063b61760d4

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
via
1.1 071c6d250f90381986ebbec31df7b7e4.cloudfront.net (CloudFront)
last-modified
Tue, 01 Feb 2022 22:35:21 GMT
server
Tengine
x-amz-cf-pop
BRU50-C1
etag
"0b74481d4d34f8371ad285f26caced8b"
content-type
image/jpeg
access-control-allow-origin
*
expires
Mon, 28 Feb 2022 06:09:09 GMT
cache-control
max-age=1209600
accept-ranges
bytes
content-length
21233
x-amz-cf-id
IsSTpTFx-S45uP79v9fdM8aFwWtUe1_PfbkH3KfPZhJGfxys0rZiZQ==
x-proxy-cache
HIT
PugMaster
image6.pubmatic.com/AdServer/ Frame 8125 		0
42 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=99615984&p=159196&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=1&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159196&userIdMacro=PM_UID&gdpr=1&gdpr_consent=&predirect=https%3A%2F%2Flive.primis.tech%2Flive%2FliveCS.php%3Fsource%3Dexternal%26csuuid%3D6209f20444391%26pixel%3D%26advId%3D91%26advUuid%3DPM_UID%26gdpr%3D1%26gdpr_consent%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ Frame 7FAB 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BvklwA_IJYpqlDYHw3gPdlZLgDAAAAAA4AeAEAg&bg=!zc6lzorNAAbAtJCDwLQ7ACkAdvg8Ws9zfm8T70VFeoyJIZaTj1DYu8ac-cWQlk0F3rD7qy3DD_2bqQIAAAIqUgAAAAJoAQeZAvXxj62Q2drXKTMK-v7E8ZqROkBRGtmRfAJ19KKp_J7SfzQ48kT8V8REJ9l8tRSRuU4M82vXKSn7zqEbPPZQxVPsrD09htpQOdhfzigcVE0lRWTzG8VZkYUHZR5dqEE3RxY0-Un1qQxMYn0vf0pQszc3_1eiyF1T20f30ffR-v4cyhINCeyixDLjKlVc5drNAOK6wiwilcGDHN70iKB3I9X1kuRNZjiEwBEtsSeH8SCNVv_sRmsZfa_WHvEqv8UgWFhCWCv3yO-Z9rKzI-QRHAnyuQRrQRFNDSgiSB4X7oGTUjVWh8rgWc06Kz26OVzTIDtt8-OspIpj610WzKyVdtie6Rb9P0mqzd4j36Sn002C12DTCA5BG7C4QZP89pizKiCt9XBvEF5u7ml4kyfBdVv7013pWaECItPlmAxLGHGkjB4UM8ASfB2_rkOIPONyWKuDs1J5EZz1xkqxkYg-wrC0e2iDUI11FjiGY-FkE7tFvwfVBD8vE5VitpnRIS1X24nFg64QxxWRsijIER7HwAlkjIQNRGYYpm8oOcetk2lbQh2Xn6htM4COLQOcPBWIc4iO56rV2K7CjrradNpkHngm-Vu4uumeB1ncLWS68gUpIWftplANT5Zn60Ywy79pqO2PdFwgRDqo9T0CNvT_OvPqsxgik-qs6hbChVoKLBGZlrZl9enDZgxA4RChmz09Iz2I5cIB-dw73LdWbcobOe1qh-AVr9pTyP-m0gQwaeFjf3aqmwFc4b2YX03KI14c7zWwGEqbdAoakZNB1vnl_n5r5FnhXI3Ku7eQWiUpr-C5_3B4itK_DYEjPTYOJ2fsYb4MGOqpa4Ldstth0RAt_NEsift3npinefmXYcmEfcIcOkTHNQ6Iw1AkDtMyHR-rw0aLyiXhhfn-vxINYzguCIqVQPgrELtx1X-HA4b3W8moZ_W2Mt3RcjEmBU6D7mCwNVTEdFGIKyweIqz9HzRZgr21qHRqlWGO0esJ_H7PZITFpS1aktEN
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
gen_204
pagead2.googlesyndication.com/pagead/ Frame A153 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BdeTcA_IJYuibDYHw3gPdlZLgDAAAAAA4AeAEAg&bg=!iYqlis7NAAbAtJCDwLQ7ACkAdvg8WqqSfvq8mHPhF21kLjVWvskuQxh198SQkpoLKnweQ5xg2seWwQIAAAIeUgAAAAFoAQeZAy25pWv8oA7O4ESk-_J2WkfasgfssQ_MkpifIT8PpqkEXXHa8eekbZj5kGjQOeTvWOssFsNvO0maZTykGnj2mRE-mnOnShCcKSf9bpOnsNphXham-ITcSJz6dkhP_vJutu7uwdfZAF4WQVxFKxF52VKH8goNMfU2sgemZSTuzuVWrkH-9OJ0aIJYmqsd9FcDxL3VD0nOgWzGYsNl4rzf5Fke52qc0m1nD04ysaGx5CCveWgVo6v2SAkx3uYrjwV0Ak0sJclpL2m3ESx-VkEQvMPTmWtqHEtyewkr5Qbbf3nIUeaIgNBCrtA9klKy0WtKRFOKYDH_hBU_akrgIni7Znqm_TxjR0azGWnWUHsnTsnLxa_90nQnBZqP4Pt0ogRhmYWZfTX9nUqKWU50xhJJyvL5trAbht63kRv3QMY9CknTFJDHGC7AA7XX2ZGyNlsOpUmn27CzK3u9roeTYRuvAxbph0CxkpBqHudf81_z68CSH1mjrJkBOlG5tw3BTe6LTMEFanzunV1OYO_YFwlwu1Pi4rg28no4g50koMmYazoOWh1PFPl2EnW_4OXRz2cvKr7QYTHSx3ESqWNIuYA1YQuCvF5h0itX6gJYWNsNZfBo6tsWbvVdHcm1F9185kQrm3awKXRDpDQfk1gSbjn6Wxjs-9pbiLzTvCDHmrhxH4eF4id7z6_8ECqAz_e3JrszO-1kwxnKtXl4h6ZmanJmJ3rnT1-fzO8xXzfLFPI5AwcOikxB2-StDMrrXc-yKpbFaPQrhHc88rgHwBfzItKKfIoccgD1ihb_SDHvzx_wDng9n2LqKPhc7jAmOMR-RgAK_MSUGY6awrhWbV2cH526iVr5k29jmGipzghp9L7OJdwGZx97w16Dlu3kdEl2fnXrMgVHHTpBrRzHQaFpnILMCwKivy8dFL5LXPa8LybscvR5UW79gZ907rPNbWgIQcmS0M0d5Jh1avfyg8Kk2Umh6tblMtF8A1rKYftKhqDWVyS8tvLjuyRVC6JVApAVMdL-UeiLoX450M4puV_k9guSPPl_xdm0inZZmWoqJhzWmU363vbZpmAM3xavzF0upaw
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
csync
sync.console.adtarget.com.tr/ Frame 9DFB 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=544989&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Length
0
Etag
f1902e3075445ce8
csync
sync.console.adtarget.com.tr/ Frame 4C97 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550214&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Length
0
Etag
f1902e3075445ce8
/
ads.us.e-planning.net/uspd/1/ Frame 2A6B
Redirect Chain
  • https://ads.us.e-planning.net/uspd/1/?du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
  • https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.249.52.249 Amsterdam, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
38584169709df9b932f3cb8a69e438bbe518044777f0163534ef78dc0a5f053b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
openresty
date
Mon, 14 Feb 2022 06:09:09 GMT
content-type
text/html
cache-control
max-age=0, no-cache
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
expires
Mon, 14 Feb 2022 06:09:09 GMT
x-sid
AMS-738
content-encoding
gzip

Redirect headers

server
openresty
date
Mon, 14 Feb 2022 06:09:09 GMT
content-type
text/html; charset=iso-8859-1
p3p
policyref="http://ads.us.e-planning.net/p3p/eplanning.p3p", CP="NOI DSP COR NID CURa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV"
location
/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
x-sid
AMS-738
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 89CE 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?gdpr=0&gdpr_consent=&us_privacy=&predirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307406%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=140198
expires
Tue, 15 Feb 2022 21:05:47 GMT
date
Mon, 14 Feb 2022 06:09:09 GMT
vary
Accept-Encoding
cookie
cm.adform.net/ Frame 84FE 		43 B
106 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adform.net/cookie?redirect_url=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307457%26extuid%3D%24UID
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.4.39 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

server
nginx
date
Mon, 14 Feb 2022 06:09:09 GMT
content-type
image/gif
content-length
43
csync
sync.console.adtarget.com.tr/ Frame E3B3 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=502624&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Length
0
Etag
f1902e3075445ce8
csync
sync.console.adtarget.com.tr/ Frame 2478
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=admatic
  • https://creativecdn.com/cm-notify?pi=admatic&tc=1
  • https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FnRwMWzVlB0zfyei7KwG&pi=admatic&tc=1
0
407 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FnRwMWzVlB0zfyei7KwG&pi=admatic&tc=1
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Length
0
Etag
f1902e3075445ce8

Redirect headers

date
Mon, 14 Feb 2022 06:09:09 GMT Mon, 14 Feb 2022 06:09:09 GMT
location
https://sync.console.adtarget.com.tr/csync?t=a&ep=307080&extuid=FnRwMWzVlB0zfyei7KwG&pi=admatic&tc=1
cache-control
no-cache, no-store, must-revalidate, private, max-age=0
pragma
no-cache
expires
Thu, 01 Jan 1970 00:00:00 GMT
content-length
0
pbsync.html
js.adscale.de/ Frame D069 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

content-type
text/html
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
x-amz-version-id
mQVPjkKD6HXSB3D_Bcg_21DnSE2NOeK.
server
AmazonS3
content-encoding
br
date
Mon, 14 Feb 2022 05:13:03 GMT
cache-control
max-age=7200
etag
W/"5550fca00caf055568d6ced373f2721f"
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
6tAWdHgeI6TLB71j7Ms-BZSGIV41WVw49rGQrdPk_yciHAv0m7XoCw==
age
3367
csync
sync.console.adtarget.com.tr/ Frame AAB7 		0
397 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=550070&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/

Response headers

Server
VertaMedia 1.0
Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Length
0
Etag
f1902e3075445ce8
csync
sync.console.adtarget.com.tr/ Frame C3BD 		0
397 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=306708&extuid=${USER_ID}
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:09 GMT
Server
VertaMedia 1.0
Etag
f1902e3075445ce8
Content-Length
0
csync
sync.console.adtarget.com.tr/ Frame C3BD 		43 B
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?redir=
Requested by
Host: s.console.adtarget.com.tr
URL: https://s.console.adtarget.com.tr/sync.html?aid=556966
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.console.adtarget.com.tr/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:09 GMT
Server
VertaMedia 1.0
Etag
d8e25e30751d8ce8
Content-Length
43
Content-Type
image/gif
view
securepubads.g.doubleclick.net/pcs/ Frame A1B8 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuK_SySJQcYi8e4TyDO3cPQ8EFemmH5DP_moUmkNgGjxOcqW6wQ6zgUYUDR9GURrW07E-a4YPvcg6wXKActzcKExm_qHuVz2a7Bv9neBNSeJfd-ZZHqYcJYvZiyPln-yYEU9QPXRG48Ou1NG-nOStpxu8xF_UXctwifmabDlEE9YHPz8-DVBJaNYBS7a0Yuwze_2Lsb_cO0KBOotcnEaeYsfGPM9ePUpZuCz0YA4rkYkWbDustkgBpKbUBDrriFMq1JBVatnG3DAJeqcVGNni4U-oYj8WKQbvSIFQb1YWZ9rVXJ7kf6LekqM2-SQmjVqpsDMw&sai=AMfl-YSBjLwIKOBqJMMNZwRUaw_SPJehYrGavBW3FS8V-Ibb9KlfhI8AA4mDkmzMUoNPQeHXoSGcjhD6fN5Wd2fG_mJdYvWnbfNXBMTeXQLMMW0hJNb45MwKW7OJwZ2jNVU&sig=Cg0ArKJSzO3IKEGOeGjLEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&adurl=
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:09 GMT
x-content-type-options
nosniff
accept-ch
Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
server
cafe
expires
Mon, 14 Feb 2022 06:09:09 GMT
um
u-ams02.e-planning.net/ Frame 2A6B
Redirect Chain
  • https://pixel.sitescout.com/dmp/pixelSync?network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd908aed30d4513ef
  • https://pixel.sitescout.com/dmp/pixelSync?cookieQ=1&network=EPLANNING&rurl=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D%7BUSER_ID%7D%26dc%3D0abbcb4eba840e59%26fi%3Dd908aed30d4513ef
  • https://loadm.exelator.com/load/?p=204&g=700&j=r&buid=b0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348&ru=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_i...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=b0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348&partner_url=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3Db0f03b4d-d3...
  • https://u-ams02.e-planning.net/um?uid=b0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348&dc=0abbcb4eba840e59&fi=d908aed30d4513ef
42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?uid=b0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348&dc=0abbcb4eba840e59&fi=d908aed30d4513ef
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
server
openresty
content-type
image/gif

Redirect headers

location
https://u-ams02.e-planning.net/um?uid=b0f03b4d-d31c-4e67-8b61-c0ef7307a658-6209f205-4348&dc=0abbcb4eba840e59&fi=d908aed30d4513ef
date
Mon, 14 Feb 2022 06:09:09 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
prebid
rtb.openx.net/sync/ Frame 2A6B 		43 B
351 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.openx.net/sync/prebid?r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Dff96d1aa62deeebd%26fi%3Dd908aed30d4513ef%26uid%3D%24%7BUID%7D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.186.253.211 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
211.253.186.35.bc.googleusercontent.com
Software
Cowboy /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
via
1.1 google
server
Cowboy
vary
Origin
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
null
access-control-expose-headers
cache-control
private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials
true
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-request-id
5egld3u74mra0jdvehlhjqn93p6q20h3
ptag
a.audrte.com/ Frame 2A6B 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://a.audrte.com/ptag?p=M1353665098
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.215.193.43 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-18-215-193-43.compute-1.amazonaws.com
Software
/
Resource Hash

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
lotame.js
s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/ Frame 2A6B 		266 B
416 B 		Script
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
last-modified
Thu, 19 Nov 2020 16:18:03 GMT
server
openresty
etag
W/"5fb69abb-10a"
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=157680000
expires
Sat, 13 Feb 2027 06:09:09 GMT
/
sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/ Frame 2A6B
Redirect Chain
  • https://sync.richaudience.com/f7872c90c5d3791e2b51f7edce1a0a5d/?p=25BiP9IMgN&r=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fuid%3D[PDID]%26dc%3Dfabfd6762b833237%26fi%3Dd908aed30d4513ef
  • https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
95 B
222 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png

Redirect headers

location
https://sync.richaudience.com/bf7c142f4339da0278e83698a02b0854/?consentString=&referrer=https%3A%2F%2Fads.us.e-planning.net%2F
date
Mon, 14 Feb 2022 06:09:09 GMT
server
nginx/1.14.2
content-type
text/html; charset=UTF-8
um
u-ams02.e-planning.net/ Frame 2A6B
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D8103fa85295fbe60%26fi%3Dd908aed30d4513ef%26uid%3D%24UID
  • https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d908aed30d4513ef&uid=50512152093557099
42 B
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d908aed30d4513ef&uid=50512152093557099
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
5.178.65.246 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
server
openresty
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:09 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
7167727d-569f-4790-8be4-6b15f01694c4
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://u-ams02.e-planning.net/um?dc=8103fa85295fbe60&fi=d908aed30d4513ef&uid=50512152093557099
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
uu
ih.adscale.de/ Frame D069
Redirect Chain
  • https://ih.adscale.de/uu?cbfn=receive&t=1644818951
  • https://ih.adscale.de/uu?cbfn=receive&t=1644818951&nut&uu=5846078ef9854425afe37b8a2466bf05
44 B
214 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/uu?cbfn=receive&t=1644818951&nut&uu=5846078ef9854425afe37b8a2466bf05
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c8ca7b3d35fa9507339d4ebeae05f3a86f78203a6e4680d096e483c92c091c9f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
content-length
44
content-type
text/javascript;charset=ISO-8859-1

Redirect headers

location
https://ih.adscale.de/uu?cbfn=receive&t=1644818951&nut&uu=5846078ef9854425afe37b8a2466bf05
date
Mon, 14 Feb 2022 06:09:09 GMT
content-length
0
usync.html
eus.rubiconproject.com/ Frame 3829
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?&p=12186&endpoint=eu
  • https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Feb 2022 06:09:09 GMT
Connection
keep-alive
Vary
Accept-Encoding

Redirect headers

server
AkamaiGHost
content-length
0
location
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
date
Mon, 14 Feb 2022 06:09:09 GMT
access-control-allow-credentials
true
access-control-allow-origin
*
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 594F 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156631&s=&predirect=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3Da208d9366469aa64%26fi%3Dd908aed30d4513ef%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=140198
expires
Tue, 15 Feb 2022 21:05:47 GMT
date
Mon, 14 Feb 2022 06:09:09 GMT
vary
Accept-Encoding
usermatch
ssum.casalemedia.com/ Frame FE66 		1 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
6b14f6f125a1709d61451edca5b6b94ab0e573e183277054f6a7594b0ca46499

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
39|230|241|73|152|4|218|81
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 14 Feb 2022 06:09:09 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Length
1521
Connection
keep-alive
navegg_2022_01_br.html
i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/ Frame E278 		1 KB
963 B 		Document
General
Check archive.org
Download Go to
Full URL
https://i.e-planning.net/esb/4/1/3fb8/2c3914c3ca0f7642/navegg_2022_01_br.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
205.234.175.175 , United States, ASN30081 (CACHENETWORKS, US),
Reverse DNS
vip1.G-anycast1.cachefly.net
Software
CFS 0215 /
Resource Hash
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
content-type
text/html
content-length
624
x-cff
B
last-modified
Tue, 11 Jan 2022 17:16:33 GMT
etag
W/"61ddbb71-5f5"
expires
Sun, 10 Jan 2027 17:30:27 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
x-cf3
M
cf4age
0
x-cf-tsc
1641922228
cf4ttl
157680000.000
content-encoding
gzip
x-cf2
H
server
CFS 0215
x-cf1
29080:fB.cdg1:co:1585621119:cacheB.cdg1-01:H
accept-ranges
bytes
/
onetag-sys.com/usync/ Frame 588E 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=5927d926323dc2c
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
/
spl.zeotap.com/ Frame B23C 		7 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
26ec60e4b03e6e00a43daeda6c8bb6727af9caad66d9ed0f896d5951b389417e

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
content-type
text/html
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://ads.us.e-planning.net
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6dd420439a9c7198-LHR
content-encoding
br
activeview
pagead2.googlesyndication.com/pcs/ Frame 057B 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvHei8TIMjeEdKetZr8myfLmnN7wiBEXfELmEfqnDXEFVeOotnjuYN5qXbjURpMr_vePX3IMXUForZvKB2IQXkouNRT267hrLgDAb4J&sai=AMfl-YQFxPbnofsWQ-weH0h3eBBh9ZMqidsbRHkQHe6923bOPknYSM8vgzFZTxLQthgEvscN52NKaeA1bXYvtxePlOb--nakVpFgRGuEEY27r4jtj79GR3y6WRGalOYYBG8&sig=Cg0ArKJSzIJJwDbLW3EWEAE&cid=CAASFeRoRJvCQT-7xq1Jayv8KDUdZi18_Q&id=lidar2&mcvt=1006&p=498,1283,748,1583&mtos=1006,1006,1006,1006,1006&tos=1006,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=3365761260&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644818949743&rpt=543&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A7F7 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv6yoLFAuttg5ATVled__XwDb1N08uOWawN3O6fjM1gScoUdSJGqGOFpcJCN40u6FEkGOfKUGqiTsWRmwzBCbZySdPOyvFUvDKPYCuz&sai=AMfl-YRchSPN4z1phs5WjR6qI1x4eg7FUi0qqvv9Ef-EosacL9bwCrZqNsTsQXNCKWtZU1UDL25MUAtYbBGDCHjAj-pMI9dGXRbE_sm9jAKQn1Y5l_LqQ6X3m-7HyZNWWSc&sig=Cg0ArKJSzNZJhz6UNdoCEAE&cid=CAASFeRooFkFezlDcliB-urh1hk9jB79DQ&id=lidar2&mcvt=1012&p=110,315,360,1285&mtos=1012,1012,1012,1012,1012&tos=1012,0,0,0,0&v=20220209&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=4279775946&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644818949687&rpt=612&isd=0&lsd=0&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
prebid
ib.adnxs.com/ut/v3/ Frame A1B8 		19 B
860 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:09 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
875acae6-223b-443d-b9a7-6ec4db400a8d
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://thesource.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A1B8 		173 B
399 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.153.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-153-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
a8f446762916e3a2b8fec22eef21d4bfbc6629bf22be4d57ee40b89df8d8e113

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
x-prebid
pbs-java/1.82.0
content-type
application/json
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
167
expires
0
auction
prebid-server.rubiconproject.com/openrtb2/ Frame A1B8 		173 B
400 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.192.153.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-192-153-193.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
c76c5e5655247974a010b3b41e632f8f15bda46dd1755de5193f12a8993ed114

Request headers

Referer
https://thesource.com/
Accept-Language
en-GB,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
x-prebid
pbs-java/1.82.0
content-type
application/json
access-control-allow-origin
https://thesource.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
168
expires
0
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame A1B8 		361 KB
120 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/live/liveVideo.php?vpaidManager=sekindo&s=58057&ri=6C69766553746174737C736B317B54307D7B64323032322D30322D31345F30387D7B7331333733343635307D7B4335377D7B536447686C63323931636D4E6C4C6D4E7662513D3D7D7B626368726F6D657D7B716465736B746F707D7B6F77696E646F77737D7B583536337D7B593331377D7B66317D7B7251554A5549433867626E567451324674634746705A32357A5158566A64476C7662694176494445674C7941784E513D3D7D7B4C373737327DFEFE&userIpAddr=82.199.130.39&userUA=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F98.0.4758.80+Safari%2F537.36&debugInformation=ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&isWePassGdpr=0&noViewableMidrollPolicy=vary&isDoublePreroll=1&autoSkipVideoSec=30&c2pWaitTime=10&isSinglePageFloatSupport=0&csuuid=6209f20444391&debugInfo=13734650_ABT+%2F+numCampaignsAuction+%2F+1+%2F+15&debugPlayerSession=&pubUrlDEMO=&isAsyncDEMO=0&customPlaylistIdDEMO=&sta=13734650&showLogo=0&clkUrl=&plMult=-1&schedule=eyJwcmVfcm9sbCI6MSwibWlkX3JvbGwiOltdLCJnYXAiOiJhdXRvIn0%3D&content=plembed1ba9zkonyuhx&secondaryContent=&x=563&y=317&pubUrl=https%3A%2F%2Fthesource.com%2F&contentNum=1&flow_closeBtn=1&flowCloseTimeout=0&flow_closeButtonPosition=right&flow_direction=br&flow_horizontalOffset=10&flow_bottomOffset=10&impGap=1&flow_width=400&flow_height=225&videoType=flow&gdpr=1&gdprConsent=&contentFeedId=&geoLati=51.2993&geoLong=9.491&vpTemplate=7772&flowMode=below&isRealPreroll=0&playerApiId=&isApp=0&ccpa=0&ccpaConsent=&subId=thesource.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
deb1e7df8638fc8dc41f0559886fa0345821f65d677cef7bd0868a768b11a421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
122262
x-xss-protection
0
expires
Mon, 14 Feb 2022 06:09:09 GMT
getuid
ib.adnxs.com/ Frame B23C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
pixel
cm.g.doubleclick.net/ Frame B23C 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://pixel.tapad.com/idsync/ex/push?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BTA_DEVICE_ID%7D%26zpartnerid%3D5%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent...
  • https://mwzeom.zeotap.com/mw?cid=db1a488b-5632-49fd-ba23-5b11149174e1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=db1a488b-5632-49fd-ba23-5b11149174e1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd420460d337198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?cid=db1a488b-5632-49fd-ba23-5b11149174e1&zpartnerid=5&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
date
Mon, 14 Feb 2022 06:09:09 GMT
via
1.1 google
alt-svc
clear
content-length
0
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
/
dmp.adform.net/serving/cookie/match/ Frame B23C 		0
331 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D7...
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=2xlgrzl&ttd_tpi=1&ttd_puid=env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D7...
  • https://mwzeom.zeotap.com/mw?cid=0198e94a-860a-47fd-939b-7dbd9121fbdd&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=0198e94a-860a-47fd-939b-7dbd9121fbdd&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd420460d307198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://mwzeom.zeotap.com/mw?cid=0198e94a-860a-47fd-939b-7dbd9121fbdd&zpartnerid=6&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
481
cm
trc.taboola.com/sg/zeotap/1/ Frame B23C 		0
165 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://trc.taboola.com/sg/zeotap/1/cm?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:4e42:600::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-vcl-time-ms
41
date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 varnish
server
nginx
x-timer
S1644818950.460293,VS0,VE41
x-cache
MISS
x-cache-hits
0
accept-ranges
bytes
content-length
0
x-served-by
cache-icn1450055-ICN
u
dmp.v.fwmrm.net/ad/ Frame B23C 		0
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.v.fwmrm.net/ad/u?mode=echo&cr=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1368%26env%3DmWeb%26cid%3D%23%7Buser.id%7D%26gdpr%3D%24%7BGDPR_ENFORCED%7D%26gdpr_consent%3D%24%7BGDPR_CONSENT%7D
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
P3P
policyref="https://www.freewheel.tv/w3c/p3p.xml",CP="ALL DSP COR NID"
Cache-Control
no-store
Connection
keep-alive
Content-Type
text/html
Keep-Alive
timeout=300
Content-Length
0
Expires
0
UCookieSetPug
image6.pubmatic.com/AdServer/ Frame B23C 		0
163 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image6.pubmatic.com/AdServer/UCookieSetPug?gdpr=1&gdpr_consent=&rd=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1384%26env%3DmWeb%26cid%3D%23PM_USER_ID%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
198.47.127.19 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:08 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
0
content-type
text/html; charset=UTF-8
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3169&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=136...
  • https://mwzeom.zeotap.com/mw?cid=a47d662d-d462-4880-92e1-3a2d54e1cde5&zpartnerid=317&gdpr=1&gdpr_consent=
95 B
187 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=a47d662d-d462-4880-92e1-3a2d54e1cde5&zpartnerid=317&gdpr=1&gdpr_consent=
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd42045cce77198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
server
Apache-Coyote/1.1
location
https://mwzeom.zeotap.com/mw?cid=a47d662d-d462-4880-92e1-3a2d54e1cde5&zpartnerid=317&gdpr=1&gdpr_consent=
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=199624&dpuuid=a7d0e044-c12d-4eca-408f-689f066ba20a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env%3DmWeb%26eventType%3D...
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=199624&dpuuid=a7d0e044-c12d-4eca-408f-689f066ba20a&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%24%7BDD_UUID%7D%26zpartnerid%3D314%26env...
  • https://mwzeom.zeotap.com/mw?cid=04426606487396862351521073587310657736&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=04426606487396862351521073587310657736&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd420468db87198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

DCS
dcs-prod-irl1-1-v027-0a49fd80e.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
GLv6zBVESik=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://mwzeom.zeotap.com/mw?cid=04426606487396862351521073587310657736&zpartnerid=314&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
/
loadeu.exelator.com/load/ Frame B23C 		0
324 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://loadeu.exelator.com/load/?p=709&g=008&j=0&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.78.254.47 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
Software
nginx / Undertow/1
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
cache-control
no-cache
access-control-allow-credentials
true
server
nginx
x-powered-by
Undertow/1
p3p
policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA, policyref=/w3c/p3p.xml, CP=NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://bn01.er.bemail.it/zeotap.php?_bid=a7d0e044-c12d-4eca-408f-689f066ba20a&_from=Zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-...
  • https://mwzeom.zeotap.com/mw?cid=BE1-2022021407-32186-0.141778001644818950-b6c10362ecc5d58f057770fb35c346ff&zdid=533&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=BE1-2022021407-32186-0.141778001644818950-b6c10362ecc5d58f057770fb35c346ff&zdid=533&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd420461d477198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=BE1-2022021407-32186-0.141778001644818950-b6c10362ecc5d58f057770fb35c346ff&zdid=533&env=mWeb
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
nginx/1.10.2
Connection
keep-alive
X-Powered-By
PHP/5.4.16
Transfer-Encoding
chunked
Content-Type
text/html
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?redirect=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%25%25COOKIE%25%25%26env%3DmWeb%26zpartnerid%3D563%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_con...
  • https://mwzeom.zeotap.com/mw?cid=7064443593810180246&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=7064443593810180246&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd42045ed0a7198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Location
https://mwzeom.zeotap.com/mw?cid=7064443593810180246&env=mWeb&zpartnerid=563&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Date
Mon, 14 Feb 2022 06:09:09 GMT
Server
nginx
Connection
keep-alive
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
receive
pixel.tapad.com/idsync/ex/ Frame B23C 		95 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.tapad.com/idsync/ex/receive?partner_id=2885&partner_device_id=a7d0e044-c12d-4eca-408f-689f066ba20a
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
159.248.227.35.bc.googleusercontent.com
Software
/
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
via
1.1 google
content-type
image/png
alt-svc
clear
content-length
95
strict-transport-security
max-age=31536000
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a7d0e044-c12d-4eca-408f-689f066ba20a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://idsync.frontend.weborama.fr/ids?key=zeotap&value=a7d0e044-c12d-4eca-408f-689f066ba20a&url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fwebouuid%3D%7BWEBO_CID%7D%26env%3DmWeb%26zpartnerid%3D431%26...
  • https://mwzeom.zeotap.com/mw?webouuid=gAqgh.5uSItXUp7RSBwDZ.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?webouuid=gAqgh.5uSItXUp7RSBwDZ.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd420476e9e7198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
last-modified
Mon, 14 Feb 2022 06:09:10 GMT
server
nginx/1.12.0
location
https://mwzeom.zeotap.com/mw?webouuid=gAqgh.5uSItXUp7RSBwDZ.&env=mWeb&zpartnerid=431&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
p3p
CP="NOI DSP COR CURa DEVa PSAa OUR STP UNI DEM"
access-control-allow-origin
*
cache-control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Tue, 03 Jul 2001 06:00:00 GMT
2.gif
dmp.theadex.com/d/949/i/ Frame B23C 		36 B
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.theadex.com/d/949/i/2.gif?axd_fuid=a7d0e044-c12d-4eca-408f-689f066ba20a&axd_pid=175
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
89.163.159.108 , Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),
Reverse DNS
Software
nginx /
Resource Hash
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
nginx
content-type
image/gif
cache-control
no-store, no-cache, must-revalidate
access-control-allow-credentials
true
content-length
36
expires
0
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://bcp.crwdcntrl.net/map/c=13620/tp=ZEOT/tpid=a7d0e044-c12d-4eca-408f-689f066ba20a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_con...
  • https://bcp.crwdcntrl.net/map/ct=y/c=13620/tp=ZEOT/tpid=a7d0e044-c12d-4eca-408f-689f066ba20a?https://mwzeom.zeotap.com/mw?pid=${profile_id}&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdp...
  • https://mwzeom.zeotap.com/mw?pid=b1de5e0acbc9c91360d3219971e8fde5&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c6...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?pid=b1de5e0acbc9c91360d3219971e8fde5&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd42047cef97198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
Jetty(9.4.38.v20210224)
p3p
CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location
https://mwzeom.zeotap.com/mw?pid=b1de5e0acbc9c91360d3219971e8fde5&zpartnerid=637&env=mWeb&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
cache-control
no-cache
x-server
10.45.25.117
content-length
0
expires
0
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ZTAP
  • https://mwzeom.zeotap.com/mw?cid=y-UNCKZtdE2orQLc9pbZqW3HbdLlNDv.dZeg--~A&zpartnerid=570&env=mWeb
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=y-UNCKZtdE2orQLc9pbZqW3HbdLlNDv.dZeg--~A&zpartnerid=570&env=mWeb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd420479ec47198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

date
Mon, 14 Feb 2022 06:09:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-frame-options
DENY
content-type
text/html;charset=utf-8
location
https://mwzeom.zeotap.com/mw?cid=y-UNCKZtdE2orQLc9pbZqW3HbdLlNDv.dZeg--~A&zpartnerid=570&env=mWeb
x-xss-protection
1; mode=block
strict-transport-security
max-age=31536000
content-length
0
x-content-type-options
nosniff
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://aa.agkn.com/adscores/g.pixel?sid=9212299398&zctry=DEU&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zd...
  • https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ChKoyJk2pBmEv4ivxVONzm8wzGEgeITC%2BS41iYitP1U%3D
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ChKoyJk2pBmEv4ivxVONzm8wzGEgeITC%2BS41iYitP1U%3D
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd42047bee87198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
AAWebServer
p3p
policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location
https://mwzeom.zeotap.com/mw?zpartnerid=660&env=mWeb&zctry=DEU&zdid=1361&cid=ChKoyJk2pBmEv4ivxVONzm8wzGEgeITC%2BS41iYitP1U%3D
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
usermatch.gif
beacon.krxd.net/ Frame B23C 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=zeotap&partner_uid=141838&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.48.40.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-40-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1644818950
x-served-by
beacon-n019-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
/
sync.richaudience.com/1988B3F6BED450961C9D70DD91/ Frame B23C 		95 B
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.richaudience.com/1988B3F6BED450961C9D70DD91/?uuid=a7d0e044-c12d-4eca-408f-689f066ba20a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
162.55.233.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.29.233.55.162.clients.your-server.de
Software
nginx/1.14.2 /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
server
nginx/1.14.2
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
content-type
image/png
cQZGoH6Q
sync-tm.everesttech.net/upi/pid/ Frame B23C 		0
177 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644818950.272100,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4025-HHN
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://pixel.mathtag.com/sync/img?mt_exid=10092&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fcid%3D%5BMM_UUID%5D%26env%3DmWeb%26zpartnerid%3D979%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_co...
  • https://mwzeom.zeotap.com/mw?cid=11bb6209-f206-4f00-b14b-a3aee7b8ab78&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db...
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?cid=11bb6209-f206-4f00-b14b-a3aee7b8ab78&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd42048dffd7198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
MT3 4133 baa842e master cdg-pixel-x8 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://mwzeom.zeotap.com/mw?cid=11bb6209-f206-4f00-b14b-a3aee7b8ab78&env=mWeb&zpartnerid=979&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
0
Expires
Mon, 14 Feb 2022 06:09:09 GMT
usermatch.gif
beacon.krxd.net/ Frame B23C
Redirect Chain
  • https://usermatch.krxd.net/um/v2?partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
  • https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238...
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
52.48.40.152 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-48-40-152.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
private, no-cache, no-store
x-request-time
D=61 t=1644818950
x-served-by
beacon-n003-dub-prod.krxd.net
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?kuid_status=new&partner=zeotap&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
date
Mon, 14 Feb 2022 06:09:10 GMT
x-cache-hits
0
x-age
0
content-length
0
x-cache
MISS
x-served-by
usermatch-a015-ash-prod.krxd.net
dcm
aax-eu.amazon-adsystem.com/s/ Frame B23C
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7d0e044-c12d-4eca-408f-689f066ba20a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408...
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7d0e044-c12d-4eca-408f-689f066ba20a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408...
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7d0e044-c12d-4eca-408f-689f066ba20a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361&dcc=t
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Server
52.94.223.167 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
ATQY3T2RWV4CZZ0Z5H0G
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BP73P0NP0G3SWZXPNS83
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://aax-eu.amazon-adsystem.com/s/dcm?pid=cda341cb-196c-4da8-897b-752ce4bb588d&id=a7d0e044-c12d-4eca-408f-689f066ba20a&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
87734
tags.bluekai.com/site/ Frame B23C 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/87734?id=a7d0e044-c12d-4eca-408f-689f066ba20a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.92.72.137 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-72-137.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Connection
keep-alive
Content-Length
0
P3P
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
mw
mwzeom.zeotap.com/ Frame B23C
Redirect Chain
  • https://obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com/zeo?url=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1395%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d...
  • https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
95 B
153 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
cf-ray
6dd4204a99c47198-LHR
access-control-allow-headers
*
content-length
95

Redirect headers

location
https://mwzeom.zeotap.com/mw?zpartnerid=1395&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
date
Mon, 14 Feb 2022 06:09:10 GMT
cross-origin-resource-policy
cross-origin
content-length
0
cmp.min.js
spl.zeotap.com/ Frame B23C 		557 B
499 B 		Script
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3594b521ac9e1cf8934ee7d095374efd7a898100a8caa3b8bba75e5dd144a64f

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

cf-ray
6dd420441b0b7198-LHR
date
Mon, 14 Feb 2022 06:09:09 GMT
via
1.1 google
cf-cache-status
MISS
last-modified
Mon, 14 Feb 2022 06:09:09 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
text/plain; charset=utf-8
access-control-allow-origin
https://spl.zeotap.com
access-control-allow-credentials
true
content-encoding
br
access-control-allow-headers
*
userconnect.js
js.adscale.de/ Frame D069 		14 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/userconnect.js
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
RDbkbbEkeL_jx2aQCUJWWto0O341I1en
content-encoding
br
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
server
AmazonS3
age
1328
etag
W/"98f37b242862929d9aef4bde91abc8ad"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 14 Feb 2022 05:47:02 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
FqJdcWiFhJAEYb9YwJ5n1ywGSnmC0cdgFSJFG60KyppW8AcpDOhmJA==
csync
sync.console.adtarget.com.tr/ Frame D069 		0
419 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307565&extuid=5846078ef9854425afe37b8a2466bf05
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/pbsync.html?gdpr=0&gdpr_consent=&redirect=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307565%26extuid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:09 GMT
Server
VertaMedia 1.0
Etag
11819c6668a8fc72
Content-Length
0
cmp
spl.zeotap.com/ Frame B23C 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://spl.zeotap.com/cmp?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361&cmp=0
Requested by
Host: spl.zeotap.com
URL: https://spl.zeotap.com/cmp.min.js?env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:1857 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://spl.zeotap.com/?zdid=1361&env=mWeb&gdpr=1&gdpr_consent=&eventType=map

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
access-control-allow-credentials
true
access-control-allow-headers
*
access-control-allow-origin
https://spl.zeotap.com
vary
Origin
via
1.1 google
cf-cache-status
DYNAMIC
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server
cloudflare
cf-ray
6dd420447b5b7198-LHR
userconnect
ih.adscale.de/ Frame D069 		149 B
224 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/userconnect?ssl=1&sid=0&cbfn=stroeerCoreConnect&ts=1644818951586&umd=false&gdpr=0&gdpr_version=2&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
content-length
149
content-type
application/javascript
usync.js
eus.rubiconproject.com/ Frame 3829 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e528b8c0e105d81f18326e49356c70fe222990dc412150a53671528d2a6c89b3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:09 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19744
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 14 Feb 2022 11:38:13 GMT
map
ih.adscale.de/ Frame E045 		3 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Requested by
Host: js.adscale.de
URL: https://js.adscale.de/userconnect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
db414f3dbb10685b6fa7ca11e56cad8a4fa2f9761af51c94c22eb36e404c9c24

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js.adscale.de/

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
content-type
text/html;charset=ISO-8859-1
content-length
2604
casale
match.adsrvr.org/track/cmf/ Frame FE66 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame FE66 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame FE66
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB&dcc=t
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
JCBMRQTV8QW2C3VA3DD3
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
YQ6M12F2T5AF70GE5JVD
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
YgnyBJBcyJc9noldbsjVywAAAUAAAAAB
pr-bh.ybp.yahoo.com/sync/casale/ Frame FE66 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/casale/YgnyBJBcyJc9noldbsjVywAAAUAAAAAB?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:8032:ea84:336c:262b Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
crum
dsum-sec.casalemedia.com/ Frame FE66
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=920cd561-abbd-47f1-885f-bcaae4b0e88d
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=920cd561-abbd-47f1-885f-bcaae4b0e88d
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:10 GMT

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=920cd561-abbd-47f1-885f-bcaae4b0e88d
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame FE66
Redirect Chain
  • https://ad.turn.com/r/cs?pid=21&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9033136977621647392
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9033136977621647392
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:10 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=4&external_user_id=9033136977621647392
pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
ibs:dpid=23728&dpuuid=YgnyBJBcyJc9noldbsjVywAA%26320
dpm.demdex.net/ Frame FE66 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=23728&dpuuid=YgnyBJBcyJc9noldbsjVywAA%26320?gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.214.166.97 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-214-166-97.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
rum
dsum-sec.casalemedia.com/ Frame FE66
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ndGWos3RlqmG0ceum4GLq8jaxaiG05Osz9dQ5Tng
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ndGWos3RlqmG0ceum4GLq8jaxaiG05Osz9dQ5Tng
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:10 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&&external_user_id=ndGWos3RlqmG0ceum4GLq8jaxaiG05Osz9dQ5Tng
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
um
u-ams02.e-planning.net/ Frame FE66 		42 B
103 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://u-ams02.e-planning.net/um?dc=99e41df815fd80b4&fi=d908aed30d4513ef&uid=YgnyBJBcyJc9noldbsjVywAA%26320
Requested by
Host: ssum.casalemedia.com
URL: https://ssum.casalemedia.com/usermatch?s=190243&cb=https%3A%2F%2Fu-ams02.e-planning.net%2Fum%3Fdc%3D99e41df815fd80b4%26fi%3Dd908aed30d4513ef%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.246 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
ads.us.e-planning.net
Software
openresty /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
server
openresty
content-type
image/gif
sync.php
pixel-eu.rubiconproject.com/exchange/ Frame 3829 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-eu.rubiconproject.com/exchange/sync.php?p=12186&khaos=KZMAQDUW-1W-886M
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif
envelope
api.rlcdn.com/api/identity/ 		0
0
async_usersync.html
acdn.adnxs.com/dmp/ Frame B06B 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 15 Feb 2022 06:09:12 GMT
Date
Mon, 14 Feb 2022 06:09:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
sync
eb2.3lift.com/ Frame BC00 		1 KB
1023 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
ab51abece78c7051aa8ce65c192dba04c920b6e0d1796228c291a3feb8c5df76

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
content-type
text/html; charset=utf-8
content-length
459
content-encoding
gzip
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control
no-cache, no-store, must-revalidate
ixmatch.html
js-sec.indexww.com/um/ Frame FF6A 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 14 Feb 2022 06:09:10 GMT
Connection
keep-alive
pd
u.openx.net/w/1.0/ Frame 0968 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 14 Feb 2022 06:09:10 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
/
onetag-sys.com/usync/ Frame 22BF 		2 KB
814 B 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?cb=1644818948346
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.75.86.98 , France, ASN16276 (OVH, FR),
Reverse DNS
ip98.ip-51-75-86.eu
Software
/
Resource Hash
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

content-type
text/html
cache-control
no-transform, no-cache
content-encoding
gzip
content-length
731
strict-transport-security
max-age=15552000
usync.html
eus.rubiconproject.com/ Frame CFEF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html
Requested by
Host: hb-thesource.s3.us-east-2.amazonaws.com
URL: https://hb-thesource.s3.us-east-2.amazonaws.com/new/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Feb 2022 06:09:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
match.js
js.adscale.de/ Frame E045 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://js.adscale.de/match.js
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:224a:4400:f:4f64:8940:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

x-amz-version-id
cvBg4cQXVqiPA6nFf_.gUz5Jr9PVQrc8
content-encoding
br
last-modified
Tue, 08 Feb 2022 03:53:52 GMT
server
AmazonS3
age
916
etag
W/"b75124846aec28a28b7a3441813682d5"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
via
1.1 5b9a6276a0cfe21df57da85d975de2dc.cloudfront.net (CloudFront)
cache-control
max-age=7200
date
Mon, 14 Feb 2022 05:53:55 GMT
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
dgGRUX7ioie2dLY3uMV4pnCNYEYE-_G4k4kR4fvRSqOLASYOQ0cuwQ==
bridge3.498.1_en.html
imasdk.googleapis.com/js/core/ Frame 4775 		585 KB
190 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.498.1_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
3e0c0fe001921c544a208dde542e5ad60dc01f58280a5d276506aef30f8d5d61
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length
194659
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
date
Tue, 08 Feb 2022 23:56:27 GMT
expires
Wed, 08 Feb 2023 23:56:27 GMT
cache-control
public, max-age=31536000
last-modified
Tue, 08 Feb 2022 23:54:13 GMT
content-type
text/html
age
454363
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
client.js
s0.2mdn.net/instream/video/ Frame A1B8 		44 KB
16 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s0.2mdn.net/instream/video/client.js
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:810::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
text/javascript
cache-control
private, max-age=900
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
16746
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Mon, 14 Feb 2022 06:09:10 GMT
integrator.js
adservice.google.com/adsid/ Frame A1B8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thesource.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
cc.js
tags.crwdcntrl.net/c/15238/ Frame 2A6B 		38 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tags.crwdcntrl.net/c/15238/cc.js?ns=_cc15238
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/1/3fb8/69b1486c74a3b7dc/lotame.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.248.33 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-248-33.dus51.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Sun, 13 Feb 2022 18:15:14 GMT
content-encoding
gzip
etag
W/"2b2f816f40499d384e118ce88a266e02"
last-modified
Thu, 02 Jul 2020 15:35:12 GMT
server
AmazonS3
age
42837
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/json
via
1.1 8d4901eb4989773bb579fc1597e54ea8.cloudfront.net (CloudFront)
cache-control
max-age: 86400
x-amz-cf-pop
DUS51-P1
x-amz-cf-id
srbwG65-kouMx_bQnHNseJkZjyOabZ6XT6dRJ3zp-pN48UXUmLmgog==
sirdata_03022021.html
s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/ Frame 2F22 		636 B
577 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
5.178.65.252 Amersfoort, Netherlands, ASN50673 (SERVERIUS-AS, NL),
Reverse DNS
i.e-planning.net
Software
openresty /
Resource Hash
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

server
openresty
date
Mon, 14 Feb 2022 06:09:09 GMT
content-type
text/html
last-modified
Wed, 03 Feb 2021 21:18:20 GMT
etag
W/"601b131c-27c"
expires
Sat, 13 Feb 2027 06:09:09 GMT
cache-control
max-age=157680000
access-control-allow-origin
*
content-encoding
gzip
csync
sync.console.adtarget.com.tr/ Frame 7C73 		0
403 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.console.adtarget.com.tr/csync?t=a&ep=307442&extuid=AIBmG0l3I1jSJ6Rb
Requested by
Host: ads.us.e-planning.net
URL: https://ads.us.e-planning.net/uspd/1/?ct=1&du=https%3A%2F%2Fsync.console.adtarget.com.tr%2Fcsync%3Ft%3Da%26ep%3D307442%26extuid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
62.149.0.72 , Ukraine, ASN15497 (COLOCALL Internet Data Center ColoCALL, UA),
Reverse DNS
0-72.cc86365-03-tmp.cc.colocall.com
Software
VertaMedia 1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ads.us.e-planning.net/

Response headers

Server
VertaMedia 1.0
Date
Mon, 14 Feb 2022 06:09:10 GMT
Content-Length
0
Etag
d8e25e30751d8ce8
pixel
cm.g.doubleclick.net/ Frame 3829
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2249&pt=n
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNkN2ZiZDY4Y2E2ZmE3NzZhYzUxMzRiZmQ3MTMzYWExYmQ0YjAwNw
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNkN2ZiZDY4Y2E2ZmE3NzZhYzUxMzRiZmQ3MTMzYWExYmQ0YjAwNw
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=NjNkN2ZiZDY4Y2E2ZmE3NzZhYzUxMzRiZmQ3MTMzYWExYmQ0YjAwNw
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3829
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/8XBKtYhKU0b3Um3jb4Deqcn5EUdSAgOZEtemQ7w0kco?csrc=
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7027309189656695243
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7027309189656695243
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

date
Mon, 14 Feb 2022 06:09:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7027309189656695243
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
tap.php
pixel.rubiconproject.com/ Frame 3829
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
  • https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=aa056209-f206-4f00-94dc-7a4c159709e4
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=aa056209-f206-4f00-94dc-7a4c159709e4
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
MT3 4133 baa842e master zrh-pixel-x10 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=aa056209-f206-4f00-94dc-7a4c159709e4
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Feb 2022 06:09:09 GMT
rubicon
match.adsrvr.org/track/cmf/ Frame 3829 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 3829
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pNQVFEVVctMVctODg2TQ==
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pNQVFEVVctMVctODg2TQ==
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1pNQVFEVVctMVctODg2TQ==
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 3829
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFnRLwNHRfKyknlht668x2A&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFnRLwNHRfKyknlht668x2A&google_cver=1
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
HTTP/1.1
Server
69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
3bafef7aa4e37890defcd73f0a080481
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESEFnRLwNHRfKyknlht668x2A&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
326
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
v1
ads.yahoo.com/cms/ Frame 3829
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZMAQDUW-1W-886M&sigv=1&esig=2~a20d414419d7d01516365cccfe4f4a9cf3944a6b
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZMAQDUW-1W-886M&sigv=1&esig=2~a20d414419d7d01516365cccfe4f4a9cf3944a6b
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Server
2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KZMAQDUW-1W-886M&sigv=1&esig=2~a20d414419d7d01516365cccfe4f4a9cf3944a6b
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
a66cbf3142c6ef39e3614b84a34262cf
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
709414.gif
id.rlcdn.com/ Frame 3829 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?&p=12186&endpoint=eu
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
omweb-v1.js
pagead2.googlesyndication.com/omsdk/releases/live/ Frame FF87 		37 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js
Requested by
Host: srcdoc
URL: about:srcdoc
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 05:12:25 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
3405
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
12861
x-xss-protection
0
last-modified
Tue, 26 Oct 2021 20:08:54 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="omsdk-team-release-policy"
vary
Accept-Encoding
report-to
{"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type
text/javascript
cache-control
public, max-age=3600
accept-ranges
bytes
expires
Mon, 14 Feb 2022 06:12:25 GMT
img
ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/ Frame E045
Redirect Chain
  • https://bbnaut.ibillboard.com/match/AdScale?partneruid=5846078ef9854425afe37b8a2466bf05&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg%3Ftpid%...
  • https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=101&tpuid=BBID-01-03195329503556354-16525656
49 B
468 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=101&tpuid=BBID-01-03195329503556354-16525656
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
nginx
Transfer-Encoding
chunked
p3p
CP="CUR ADM DEV OUR STP PRE DSP NOI COR NID"
Location
https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=101&tpuid=BBID-01-03195329503556354-16525656
Cache-Control
private, max-age=3600
Access-Control-Allow-Credentials
true
Connection
close
generic
match.adsrvr.org/track/cmf/ Frame BC00 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.223.40.198 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
xuidmid=7976&xuid=3tj6fyN4M&dongle=u6nf
eb2.3lift.com/ Frame BC00
Redirect Chain
  • https://ad.mrtnsvr.com/sync/triplelift
  • https://eb2.3lift.com/xuidmid=7976&xuid=3tj6fyN4M&dongle=u6nf
37 B
155 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuidmid=7976&xuid=3tj6fyN4M&dongle=u6nf
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
no-cache, no-store, must-revalidate
x-error
Not Found
content-length
37
content-type
image/gif

Redirect headers

location
https://eb2.3lift.com/xuidmid=7976&xuid=3tj6fyN4M&dongle=u6nf
date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
92
vary
Origin
content-type
text/html; charset=utf-8
pixel
cm.g.doubleclick.net/ Frame BC00 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame BC00
Redirect Chain
  • https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
  • https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ0MjMyNjEyNjQyNDc4ODc4NTM4MA%3D%3D
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ0MjMyNjEyNjQyNDc4ODc4NTM4MA%3D%3D
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=NDQ0MjMyNjEyNjQyNDc4ODc4NTM4MA%3D%3D
date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
setuid
px.ads.linkedin.com/ Frame BC00 		0
703 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=4442326126424788785380&dbredirect=true&gdpr=1&consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:09 GMT
x-li-pop
afd-prod-lor1-x
x-msedge-ref
Ref A: 6536A413D22F47F990920B3B49B3407B Ref B: FRAEDGE1306 Ref C: 2022-02-14T06:09:10Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lor1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXX9EFCMWz3Q4DCWlqDtA==
xuid
eb2.3lift.com/ Frame BC00
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/triplelift/4442326126424788785380?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2662&xuid=y-VpKhjFpE2oSZlCv8n9aa251Kd8R5Mmx1FxKi09cfyg--~A&dongle=0883
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2662&xuid=y-VpKhjFpE2oSZlCv8n9aa251Kd8R5Mmx1FxKi09cfyg--~A&dongle=0883
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date
Mon, 14 Feb 2022 06:09:10 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://eb2.3lift.com/xuid?mid=2662&xuid=y-VpKhjFpE2oSZlCv8n9aa251Kd8R5Mmx1FxKi09cfyg--~A&dongle=0883
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
c.gif
c.bing.com/ Frame BC00 		42 B
592 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?xid=4442326126424788785380&Red3=TLMS_pd
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:09 GMT
etag
"9ea1ae3587d81:0"
last-modified
Wed, 12 Jan 2022 02:05:35 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: E36CABB82B794FF08B6B13021E97EB15 Ref B: FRA31EDGE0116 Ref C: 2022-02-14T06:09:10Z
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-type
image/gif
content-length
42
iu3
s.amazon-adsystem.com/ Frame BC00
Redirect Chain
  • https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=4442326126424788785380
  • https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4442326126424788785380&dcc=t
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4442326126424788785380&dcc=t
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Server
209.54.176.128 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
HTJ1XN6N4SK7ZJQNV6Q9
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=4442326126424788785380&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
sync
x.bidswitch.net/ Frame BC00 		43 B
220 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/sync?ssp=triplelift&user_id=4442326126424788785380&gdpr=1&gdpr_consent=
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.161.218 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-161-218.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
xuid
eb2.3lift.com/ Frame BC00
Redirect Chain
  • https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
  • https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
37 B
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by
Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?
Protocol
H2
Server
13.248.245.213 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eb2.3lift.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif

Redirect headers

Location
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Cache-Control
no-cache, no-store, must-revalidate
Expires
Thu, 01 Dec 1994 16:00:00 GMT
Content-Length
95
Content-Type
text/html; charset=utf-8
usync.js
eus.rubiconproject.com/ Frame CFEF 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e528b8c0e105d81f18326e49356c70fe222990dc412150a53671528d2a6c89b3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19743
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 14 Feb 2022 11:38:13 GMT
GS.d
js.cookieless-data.com/ Frame 2F22 		0
535 B 		Script
General
Check archive.org
Download Go to
Full URL
https://js.cookieless-data.com/GS.d?pa=24492&cmp=0&si=1&u=https%3A%2F%2Fs.e-planning.net%2Fesb%2F4%2F0%2F1992d%2Fbb6e7a161f794f56%2Fsirdata_03022021.html&r=https%3A%2F%2Fads.us.e-planning.net%2F&s=&rand=1644818951947
Requested by
Host: s.e-planning.net
URL: https://s.e-planning.net/esb/4/0/1992d/bb6e7a161f794f56/sirdata_03022021.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
51.158.28.83 Paris, France, ASN12876 (Online SAS, FR),
Reverse DNS
51-158-28-83.rev.poneytelecom.eu
Software
nginx/1.11.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; includeSubDomains; preload
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://s.e-planning.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
nginx/1.11.3
Strict-Transport-Security
max-age=15724800; includeSubDomains; preload
P3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
Cross-Origin-Resource-Policy
cross-origin
Connection
keep-alive
Content-Length
0
X-Xss-Protection
0
Expires
Tue, 01 Jan 2000 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame A1B8 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssj3ODLZ27dSL4JilSkb_y9oJT0wsjMmu9T1XMYEff82uXkHRzMOL1iafnS7CPo9VjMYrPnfddcPAR_bn2QynU0ImGCCDEw_se4MxdW7CB5RFJOTGPe&sig=Cg0ArKJSzMSCiCEkPWQPEAE&id=lidar2&mcvt=1005&p=364,450,365,451&mtos=1005,1005,1005,1005,1005&tos=1005,0,0,0,0&v=20220209&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=19&adk=1855928011&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1644818949717&rpt=1318&isd=0&lsd=0&met=ce&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 94A6 		2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
f337be6fa2487c87cb2028bcd81551be3b77d7a35004a66d691aa58691509288

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
46|130|206|88|156|8|3|41
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 14 Feb 2022 06:09:10 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Content-Length
1602
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame B06B 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
aa89422b-35ff-42f7-8ebe-8695b8965b60
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
getuid
secure.adnxs.com/ Frame 94A6 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.172.36 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
692.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers
ie
match.prod.bidr.io/cookie-sync/ Frame 94A6 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame 94A6 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YgnyBJBcyJc9noldbsjVywAAAUAAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
ZMAwryCI
sync-tm.everesttech.net/upi/pid/ Frame 94A6 		0
60 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.194.49 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
Varnish /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644818951.572442,VS0,VE0
x-cache
MISS
cache-control
no-cache
x-cache-hits
0
accept-ranges
bytes
content-length
0
retry-after
0
x-served-by
cache-hhn4025-HHN
cookiesync
bttrack.com/pixel/ Frame 94A6 		35 B
380 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://bttrack.com/pixel/cookiesync?source=67e94f23-25d6-4008-8236-375d1743c2e0&secure=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS
46.bidtellect.com
Software
Microsoft-IIS/8.5 /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

X-ServerName
Track001-dc3
Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
X-AspNetMvc-Version
5.2
Server
Microsoft-IIS/8.5
X-AspNet-Version
4.0.30319
P3P
CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
Cache-Control
private,no-cache
Content-Type
image/gif
Content-Length
35
Expires
-1
crum
dsum-sec.casalemedia.com/ Frame 94A6
Redirect Chain
  • https://beacon.lynx.cognitivlabs.com/ix.gif
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=92644fdd-86b8-4db9-9ec4-c87fb091d6db&expiration=1676354950
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=92644fdd-86b8-4db9-9ec4-c87fb091d6db&expiration=1676354950
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:11 GMT

Redirect headers

location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=8&external_user_id=92644fdd-86b8-4db9-9ec4-c87fb091d6db&expiration=1676354950
date
Mon, 14 Feb 2022 06:09:10 GMT
server
Kestrel
content-length
0
crum
dsum-sec.casalemedia.com/ Frame 94A6
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=15&redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum%3Fcm_dsp_id%3D3%26external_user_id%3D%5BMM_UUID%5D&gdpr=1
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=1&gdpr_consent=
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=1&gdpr_consent=
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:10 GMT

Redirect headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
MT3 4133 baa842e master zrh-pixel-x25 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=3&external_user_id=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=1&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Feb 2022 06:09:09 GMT
bridge
cm.adgrx.com/ Frame 94A6 		43 B
408 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.adgrx.com/bridge?AG_PID=casale&AG_SETCOOKIE&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.232.228 -, , ASN (),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:11 GMT
server
Cowboy
P3P
CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Type
image/gif
X-RealServer-NX
sjc-delivery-2
Content-Length
43
Expires
Thu, 23 Sep 2004 17:42:04 GMT
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 94A6 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgnyBJBcyJc9noldbsjVywAA%26320
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1363
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:31:53 GMT
ads
securepubads.g.doubleclick.net/gampad/ Frame 4775 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F301775111%2FTheSource_Primis_Desktop&description_url=https%3A%2F%2Fthesource.com%2F&env=vp&correlator=3736105321326526&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1&unviewed_position_start=1&cust_params=prmsig%3Dspeczp&sdkv=h.3.498.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=473228536&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.498.1&sid=BF1B79A9-40BF-443D-A15B-B2F77C1DE867&nel=0&eid=44730465%2C44738437%2C44750822&url=https%3A%2F%2Fthesource.com%2F&dt=1644818952297&cookie=ID%3D6894fe1069f89a02-222f68553fcd0030%3AT%3D1644818947%3AS%3DALNI_MbCpx8c00Zwl11DQ0ybqfV9wsm9TQ&scor=3018910582803636&ged=ve4_td2_tt0_pd2_la2000_er228.-2550.381.-2250_vi0.0.1200.1600_vp0_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.498.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E045
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=183592&cb=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D63%26tpuid%3D__UID__&uid=ed92124e089b848d3fc99d521...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgnyBJBcyJc9noldbsjVywAA%26320
49 B
559 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgnyBJBcyJc9noldbsjVywAA%26320
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?gdpr=0&tpid=63&tpuid=YgnyBJBcyJc9noldbsjVywAA%26320
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
309
Expires
Mon, 14 Feb 2022 06:09:10 GMT
usync.html
eus.rubiconproject.com/ Frame D5E0 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

Server
Apache/2.2.15 (CentOS)
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
ETag
"40014-119-5d32342a551c0"
Accept-Ranges
bytes
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Mon, 14 Feb 2022 06:09:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
async_usersync.html
acdn.adnxs.com/dmp/ Frame 7E75 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-232-130.deploy.static.akamaitechnologies.com
Software
nginx/1.13.10 /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

Last-Modified
Wed, 02 Dec 2020 20:56:47 GMT
ETag
"5fc7ff8f-cf34"
Server
nginx/1.13.10
Access-Control-Allow-Origin
*
Content-Type
text/html
Content-Encoding
gzip
Content-Length
17053
Cache-Control
max-age=86402
Expires
Tue, 15 Feb 2022 06:09:12 GMT
Date
Mon, 14 Feb 2022 06:09:10 GMT
Connection
keep-alive
Vary
Accept-Encoding
pd
u.openx.net/w/1.0/ Frame 8A62 		0
35 B 		Document
General
Check archive.org
Download Go to
Full URL
https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
8.159.244.35.bc.googleusercontent.com
Software
OXGW/17.1.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

vary
Accept, Accept-Encoding
server
OXGW/17.1.0
date
Mon, 14 Feb 2022 06:09:10 GMT
content-type
text/html
content-length
20
content-encoding
gzip
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
ixmatch.html
js-sec.indexww.com/um/ Frame 519C 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

Server
Apache
Last-Modified
Thu, 11 Feb 2021 16:12:45 GMT
ETag
"e20015-90b-5bb11ca420f07"
Accept-Ranges
bytes
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
text/html; charset=UTF-8
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
1151
Date
Mon, 14 Feb 2022 06:09:10 GMT
Connection
keep-alive
checksync.php
contextual.media.net/ Frame A989 		22 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CU695QH7&prvid=2034%2C2033%2C2031%2C2030%2C173%2C175%2C2009%2C2028%2C157%2C2027%2C2026%2C159%2C2025%2C117%2C97%2C99%2C77%2C56%2C59%2C3012%2C201%2C4%2C2037%2C203%2C126%2C226%2C80%2C10000%2C9%2C108%2C82%2C109&purpose1=1&gdprconsent=0&gdpr=1&usp_status=0&usp_consent=1&itype=PREBID
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-235-93.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
1cdab6037613a9c32a0192a61159f909dbfcbce634254c454e7a38c687c5f8c3
Security Headers
Name Value
Strict-Transport-Security max-age=604800

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

server
Apache
content-type
text/html; charset=UTF-8
x-mnet-hl2
E
strict-transport-security
max-age=604800
vary
Accept-Encoding
content-encoding
gzip
cache-control
max-age=172800
expires
Wed, 16 Feb 2022 06:09:10 GMT
date
Mon, 14 Feb 2022 06:09:10 GMT
content-length
8183
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame AFA3 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156595&gdpr=1&gdpr_consent=
Requested by
Host: live.primis.tech
URL: https://live.primis.tech/content/prebid/prebidVid.5.18.0_9.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-233-180.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/

Response headers

last-modified
Tue, 01 Feb 2022 06:38:00 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
server
Apache/2.2.15 (CentOS)
accept-ranges
bytes
content-encoding
gzip
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
5549
content-type
text/html; charset=UTF-8
cache-control
max-age=140197
expires
Tue, 15 Feb 2022 21:05:47 GMT
date
Mon, 14 Feb 2022 06:09:10 GMT
vary
Accept-Encoding
sync
ups.analytics.yahoo.com/ups/55953/ Frame A1B8
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
  • https://ups.analytics.yahoo.com/ups/55953/sync?uid=0198e94a-860a-47fd-939b-7dbd9121fbdd&_origin=1&gdpr=1&gdpr_consent=
0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0198e94a-860a-47fd-939b-7dbd9121fbdd&_origin=1&gdpr=1&gdpr_consent=
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://ups.analytics.yahoo.com/ups/55953/sync?uid=0198e94a-860a-47fd-939b-7dbd9121fbdd&_origin=1&gdpr=1&gdpr_consent=
cache-control
private,no-cache, must-revalidate
content-type
text/html
content-length
267
sync
ups.analytics.yahoo.com/ups/57304/ Frame A1B8
Redirect Chain
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true
  • https://pixel.advertising.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&verify=true
  • https://ups.analytics.yahoo.com/ups/57304/sync?gdpr=&gdpr_consent=&_origin=0&redir=true&apid=UPa057d0b4-8d5c-11ec-be84-062baae1108c
  • https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_hm=VVBhMDU3ZDBiNC04ZDVjLTExZWMtYmU4NC0wNjJiYWFlMTEwOGM%3D
  • https://pixel.advertising.com/ups/57304/sync?uid=CAESEFOYy5yesQ6wk6KGISpkXwk&google_cver=1
  • https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFOYy5yesQ6wk6KGISpkXwk&google_cver=1&apid=UPa057d0b4-8d5c-11ec-be84-062baae1108c
0
393 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFOYy5yesQ6wk6KGISpkXwk&google_cver=1&apid=UPa057d0b4-8d5c-11ec-be84-062baae1108c
Protocol
H2
Server
3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-126-56-137.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.33 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:11 GMT
server
ATS/9.1.0.33
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFOYy5yesQ6wk6KGISpkXwk&google_cver=1&apid=UPa057d0b4-8d5c-11ec-be84-062baae1108c
date
Mon, 14 Feb 2022 06:09:11 GMT
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
pixel.advertising.com/ups/55986/ Frame A1B8
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=
  • https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fpixel.advertising.com%2Fups%2F55986%2Fsync%3Fuid%3D%24%7BUSER_ID%7D%26_origin%3D0&gdpr=1&gdpr_consent=&_...
  • https://pixel.advertising.com/ups/55986/sync?uid=YgnyBgAGFiWWdQBB&_origin=0&gdpr=1&gdpr_consent=&_test=YgnyBgAGFiWWdQBB
0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.advertising.com/ups/55986/sync?uid=YgnyBgAGFiWWdQBB&_origin=0&gdpr=1&gdpr_consent=&_test=YgnyBgAGFiWWdQBB
Protocol
H2
Server
52.58.50.64 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-58-50-64.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:10 GMT
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
via
1.1 varnish
server
Varnish
x-timer
S1644818951.858834,VS0,VE0
x-served-by
cache-hhn4025-HHN
x-cache
HIT
location
https://pixel.advertising.com/ups/55986/sync?uid=YgnyBgAGFiWWdQBB&_origin=0&gdpr=1&gdpr_consent=&_test=YgnyBgAGFiWWdQBB
cache-control
no-cache
accept-ranges
bytes
content-length
0
retry-after
0
x-cache-hits
0
stv
match.prod.bidr.io/cookie-sync/ Frame A1B8
Redirect Chain
  • https://ads.stickyadstv.com/auto-user-sync?gdpr=1&gdpr_consent=
  • https://1f2e7.v.fwmrm.net/ad/u?_dv=2&dsp_user_mapping=true&127719=ede99e97584b9cdf305a862519a5d7a&rdU=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D1169%26userId%3d%23%7bu...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=1169&userId=e4cf4_7064443598091343767
  • https://cm.g.doubleclick.net/pixel?google_nid=stickyxchange_dbm&google_cm=&google_sc&google_hm=ZWRlOTllOTc1ODRiOWNkZjMwNWE4NjI1MTlhNWQ3YQ==&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=141&userId=CAESEOyDSzs4gVfidKv1d8PuTRk&google_cver=1&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=stickyads&ttd_tpi=1&gdpr=0&gdpr_consent=&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=208&userId=0198e94a-860a-47fd-939b-7dbd9121fbdd
  • https://pr-bh.ybp.yahoo.com/sync/stickyads/ede99e97584b9cdf305a862519a5d7a?gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=199&userId=y-.OtWo0dE2oPGNbywn.ZcvRjZodmgTQWTpgkf92x8~A
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D209&gdpr=0&gdpr_consent=%26userId%3D$UID
  • https://ads.stickyadstv.com/user-registering?dataProviderId=209&gdpr=0&gdpr_consent=&userId=50512152093557099
  • https://sync.mathtag.com/sync/img?mt_exid=44&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D183%26userId%3D%5BMM_UUID%5D&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=183&userId=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=0&gdpr_consent=
  • https://sync-tm.everesttech.net/upi/pid/wGbQAlJJ?gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fads.stickyadstv.com%2Fuser-registering%3FdataProviderId%3D187%26userId%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_co...
  • https://ads.stickyadstv.com/user-registering?dataProviderId=187&userId=YgnyBgAGFiWWdQBB&gdpr=0&gdpr_consent=
  • https://c1.adform.net/serving/cookie/match/?party=18&gdpr=0&gdpr_consent=
  • https://ads.stickyadstv.com/user-registering?dataProviderId=189&userId=2635539841690771505
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
0
0
img
ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/ Frame E045
Redirect Chain
  • https://track.adform.net/serving/cookie/match/?party=9&uid=41cc209823aaa6f2b42897fc45da4f3c04ad33c2f05e3bb5d40840312a2fb366&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f761...
  • https://track.adform.net/serving/cookie/match/?CC=1&party=9&uid=41cc209823aaa6f2b42897fc45da4f3c04ad33c2f05e3bb5d40840312a2fb366&tpid=42&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a8...
  • https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=42&gdpr=0&tpuid=2635539841690771505
49 B
569 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=42&gdpr=0&tpuid=2635539841690771505
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:11 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
nginx
location
https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=42&gdpr=0&tpuid=2635539841690771505
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
usync.js
eus.rubiconproject.com/ Frame D5E0 		32 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
104.89.20.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-20-125.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
e528b8c0e105d81f18326e49356c70fe222990dc412150a53671528d2a6c89b3

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=1&gdpr_consent=
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Content-Encoding
gzip
Last-Modified
Wed, 15 Dec 2021 23:04:16 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=19743
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9702
Expires
Mon, 14 Feb 2022 11:38:13 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 1041 		1 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
3c1e109252f01d620faf43abb551a5e4cb6ff81cd5c2390e5855c736a35cc0c4

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://js-sec.indexww.com/

Response headers

Server
Apache
Content-Type
text/html
Dropped-Udsids
65|90|64|111|40|130|123|188
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary
Is-Traffic-Usersync
Expires
Mon, 14 Feb 2022 06:09:10 GMT
Cache-Control
max-age=0, no-cache, no-store
Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Content-Length
1325
Connection
keep-alive
async_usersync
ib.adnxs.com/ Frame 7E75 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
1f2a89b1-9264-4a11-9dfb-8d89e3705604
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
integrator.js
adservice.google.com/adsid/ Frame A1B8 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=thesource.com
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

timing-allow-origin
*
date
Mon, 14 Feb 2022 06:09:10 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
rum
dsum.casalemedia.com/ Frame 1041
Redirect Chain
  • https://casale-match.dotomi.com/match/bounce/current?networkId=19998&version=1&gdpr=1
  • https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644905351&gdpr=1
43 B
315 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644905351&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.21.141.232 -, , ASN (),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:11 GMT

Redirect headers

location
https://dsum.casalemedia.com/rum?cm_dsp_id=65&external_user_id=&expiration=1644905351&gdpr=1
pragma
no-cache
date
Mon, 14 Feb 2022 06:09:11 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
content-length
0
expires
0
no_match_opted_out
um.simpli.fi/ Frame 1041
Redirect Chain
  • https://um.simpli.fi/pm_match?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=90&external_user_id=$UID&gdpr=1
  • https://um.simpli.fi/no_match_opted_out
0
272 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/no_match_opted_out
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Server
169.50.137.184 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b8.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

access-control-allow-origin
*
date
Mon, 14 Feb 2022 06:09:11 GMT
x-content-type-options
nosniff
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS

Redirect headers

date
Mon, 14 Feb 2022 06:09:11 GMT
x-content-type-options
nosniff
server
nginx
location
/no_match_opted_out
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
text/html
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
138
expires
Sun, 13 Feb 2022 06:09:11 GMT
rum
dsum-sec.casalemedia.com/ Frame 1041
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=48&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647410951
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647410951
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:11 GMT

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=64&external_user_id=no-consent&expiration=1647410951
cache-control
max-age=0,no-cache,no-store
content-length
0
expires
Tue, 11 Oct 1977 12:34:56 GMT
match
c1.adform.net/serving/cookie/ Frame 1041 		0
330 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.2.237 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
server
nginx
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
ie
match.prod.bidr.io/cookie-sync/ Frame 1041 		43 B
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.prod.bidr.io/cookie-sync/ie?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.31.13.93 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-31-13-93.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:10 GMT
Server
nginx
strict-transport-security
max-age=2592000; includeSubDomains
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control
no-cache, must-revalidate
Connection
keep-alive
content-type
image/gif
Content-Length
43
expires
Fri, 01 Jan 1990 00:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 1041
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=8xNPVdybRFxNW9O6bePKlVLHgic
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=8xNPVdybRFxNW9O6bePKlVLHgic
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:11 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=8xNPVdybRFxNW9O6bePKlVLHgic
Date
Mon, 14 Feb 2022 06:09:11 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
CookieIndex
rtb.adentifi.com/ Frame 1041 		0
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.adentifi.com/CookieIndex
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.234.118.65 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Connection
keep-alive
Content-Length
0
Content-Type
text/plain
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 1041 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YgnyBJBcyJc9noldbsjVywAA%26320
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Date
Mon, 14 Feb 2022 06:09:10 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"da1f1d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=1363
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:31:53 GMT
cs&eq_cc=1
um2.eqads.com/um/ Frame 6050
Redirect Chain
  • https://um2.eqads.com/um/cs
  • https://um2.eqads.com/um/cs&eq_cc=1
186 B
370 B 		Document
General
Check archive.org
Download Go to
Full URL
https://um2.eqads.com/um/cs&eq_cc=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://thesource.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.45.237.203 -, , ASN (),
Reverse DNS
Software
/
Resource Hash
5ae6bd165e71a2e91e849157c58d9cad67f1a43af9fd4696ddd2535706bca4ee

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36
Accept-Language
en-GB,en;q=0.9
Referer
https://ssum-sec.casalemedia.com/

Response headers

date
Mon, 14 Feb 2022 06:09:11 GMT
content-type
text/html; charset=utf-8
content-length
186
cache-control
no-cache, must-revalidate
expires
Sat, 6 May 1995 12:00:00 GMT
last-modified
Mon, 14 Feb 2022 06:09:11 GMT
pragma
no-cache

Redirect headers

date
Mon, 14 Feb 2022 06:09:11 GMT
content-type
text/html; charset=utf-8
content-length
41
location
/um/cs&eq_cc=1
liveView.php
live.primis.tech/live/ 		0
226 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://live.primis.tech/live/liveView.php?hash=ozcmPTEznXRiPTEzqzyxX2V2ZW50PTM2JaNypaZypyRcoWU9MTY0NDtkODx0OCZ2nWRspGkurWVlVzVlPTMhMS4jJaM9MTAlOTxlJaN0YT0jJat9NTYmJax9MmE3JaZcZF9jYXNmRG9gYWyhPXRbZXNiqXJwZS5wo20zp3VvSWQ9qGuyp291pzNyLzNioSZxZWJ1Z0yhZz9loWF0nW9hPUFCVCUlMCUlRvUlMG51oUNuoXBunWqhp0F1Y3Rco24yMwAyMxYyMwAkJTIjJTJGJTIjMTUznXNBpHA9MCZ1p2VlSXBBZGRlPTtlLwE5OS4kMmAhMmxzqXNypyVBPU1irzyfoGEyMxY1LwAyMwAyMwuXnW5xo3qmJTIjTyQyMwAkMC4jJTNCJTIjV2yhNwQyM0IyMwB4NwQyMwxyMwBBpHBfZVqyYxgcqCUlRwUmNl4mNvUlMCUlOEgIVE1MJTJDJTIjoGyeZSUlMEqyY2giJTI5JTIjQ2ulo21yJTJGOTthMC40NmU4LwtjJTIjU2FzYXJcJTJGNTM3LwM2JzNmqXVcZD02MwA5ZwIjNDQ0MmxkJzNioaRyoaRGnWkySWQ9MCZgZWRcYVBfYXyMnXN0SWQ9MCZgZWRcYUkcp3RJZD0jJzqxpHI9MSZaZHBlQ29hp2VhqD0znXNXZVBup3NHZHBlPTAzY2NjYT0jJzNwpGFDo25mZW50PSZwYaVmqGVlPTE2NDQ4MTt5NTI2NDMzqWyxPVNyn2yhZG9TUGkurWVlNwIjOWYlMDQ2ZGUlZvZjqWJVpzj9nHR0pHMyM0EyMxYyMxZ0nGVmo3VlY2UhY29gJTJGJzZfo2F0U3RuqHVmPWZuoHNyJzVcZHNjPXBlZWJcZA==
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
185.220.205.205 Amsterdam, Netherlands, ASN41436 (CLOUDWEBMANAGE-EU, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://thesource.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:10 GMT
content-encoding
gzip
server
nginx
age
0
p3p
CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
access-control-allow-origin
*
cache-control
no-store
content-type
text/html; charset=UTF-8
ads
securepubads.g.doubleclick.net/gampad/ Frame 4775 		156 B
142 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?iu=%2F21734706084%2C22605357400%2Fsourcedigital&description_url=https%3A%2F%2Fthesource.com%2F&env=vp&correlator=3736105321326526&tfcd=0&npa=0&gdfp_req=1&output=xml_vast4&sz=1x1%7C213x120&unviewed_position_start=1&cust_params=prmsig%3Dcumbfo&sdkv=h.3.498.1&osd=2&frm=0&vis=1&sdr=1&hl=en&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&u_so=l&ctv=0&sdki=44d&adk=473228536&sdk_apis=2%2C7%2C8&omid_p=Google1%2Fh.3.498.1&sid=BF1B79A9-40BF-443D-A15B-B2F77C1DE867&nel=0&eid=44730465%2C44738437%2C44750822&url=https%3A%2F%2Fthesource.com%2F&dlt=1644818949717&idt=2564&dt=1644818952668&cookie=ID%3D6894fe1069f89a02-222f68553fcd0030%3AT%3D1644818947%3AS%3DALNI_MbCpx8c00Zwl11DQ0ybqfV9wsm9TQ&scor=3018910582803636&ged=ve4_td3_tt1_pd3_la3000_er228.-2550.381.-2250_vi0.0.1200.1600_vp0_ts1_eb16491
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.498.1_en.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f2.1e100.net
Software
cafe /
Resource Hash
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://imasdk.googleapis.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:11 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
113
x-xss-protection
0
google-lineitem-id
-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
-2
content-type
text/xml; charset=UTF-8
access-control-allow-origin
https://imasdk.googleapis.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
usersync.aspx
dis.criteo.com/dis/ Frame E045 		43 B
362 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=17&p=32&cp=adscale&url=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D40%26tpuid%3D%40%40CRITEO_USERID%40%40&uid=f7904b8952f7bf4f7f26f825d28ff9f5b21834125aa1c50bc0dbe83dcfd1615c&tpid=40&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.2.151 -, , ASN (),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:11 GMT
server
Kestrel
x-errorlevel
0
strict-transport-security
max-age=31536000; preload;
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
612802
content-type
image/gif
expires
Mon, 14 Feb 2022 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame B06B 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:11 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
80979e78-adab-46e4-a01a-dffd75898898
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/429371437437189942/1437437190794/0/ Frame E045
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=26&redir=https%3A%2F%2Fih.adscale.de%2Fsium%2F429371437437189942%2F1437437190794%2F0%2Fimg%3Ftpid%3D39%26tpuid%3D%5BMM_UUID%5D&uid=6970439cd5041777424e3631...
  • https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=0&gdpr_consent=
49 B
589 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=0&gdpr_consent=
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:11 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Date
Mon, 14 Feb 2022 06:09:11 GMT
Server
MT3 4133 baa842e master zrh-pixel-x11 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://ih.adscale.de/sium/429371437437189942/1437437190794/0/img?tpid=39&tpuid=11bb6209-f206-4f00-b14b-a3aee7b8ab78&gdpr=0&gdpr_consent=
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Mon, 14 Feb 2022 06:09:10 GMT
crum
dsum-sec.casalemedia.com/ Frame 6050 		43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=40&external_user_id=8723d67c-3aa1-4a07-9dc4-d04cd21c8075&expiration=1652508551
Requested by
Host: um2.eqads.com
URL: https://um2.eqads.com/um/cs&eq_cc=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a2-18-234-21.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://um2.eqads.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:11 GMT
Server
Apache
Vary
Is-Traffic-Usersync
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Mon, 14 Feb 2022 06:09:11 GMT
img
ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/ Frame E045
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adscale&google_cm&google_sc&uid=f27533058903c1ca36aa42bc2e494008246ddaab09b02d4e2d9cf731a8fb2e00&tpid=38&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F703...
  • https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?uid=f27533058903c1ca36aa42bc2e494008246ddaab09b02d4e2d9cf731a8fb2e00&tpid=38&gdpr=0&tpuid=CAESEAiHPIt9FFXlS-sOdjtcxFA...
49 B
608 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?uid=f27533058903c1ca36aa42bc2e494008246ddaab09b02d4e2d9cf731a8fb2e00&tpid=38&gdpr=0&tpuid=CAESEAiHPIt9FFXlS-sOdjtcxFA&google_cver=1
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:11 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

pragma
no-cache
date
Mon, 14 Feb 2022 06:09:11 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?uid=f27533058903c1ca36aa42bc2e494008246ddaab09b02d4e2d9cf731a8fb2e00&tpid=38&gdpr=0&tpuid=CAESEAiHPIt9FFXlS-sOdjtcxFA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
424
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
async_usersync
ib.adnxs.com/ Frame 7E75 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
37.252.173.27 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),
Reverse DNS
539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:11 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 539.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid
771af13e-f29c-4e2a-a8da-94ed9bdc0a66
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
img
ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/ Frame E045
Redirect Chain
  • https://adscale-emea.adnxs.com/getuid?https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fimg%3Ftpid%3D75%26tpuid%3D%24UID&gdpr=0
  • https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=75&tpuid=50512152093557099&gdpr=0
49 B
616 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=75&tpuid=50512152093557099&gdpr=0
Requested by
Host: ih.adscale.de
URL: https://ih.adscale.de/map?format=display&ssl=1&ref=https%3A%2F%2Fs.console.adtarget.com.tr%2F&gdpr=0
Protocol
H2
Server
35.157.167.171 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-167-171.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17

Request headers

Accept-Language
en-GB,en;q=0.9
Referer
https://ih.adscale.de/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36

Response headers

date
Mon, 14 Feb 2022 06:09:12 GMT
p3p
CP=NOI PSA OUR
content-length
49
content-type
image/gif

Redirect headers

Pragma
no-cache
Date
Mon, 14 Feb 2022 06:09:12 GMT
X-Proxy-Origin
82.199.130.39; 82.199.130.39; 864.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid
d048f502-c818-4b40-ac8b-29e9655bd6ca
Server
nginx/1.17.9
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ih.adscale.de/sium/7038057004b8431a84f76189d87a9841/1644818949962/0/img?tpid=75&tpuid=50512152093557099&gdpr=0
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
adscaleRedirect
tracking.m6r.eu/sync/ Frame E045 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
api.rlcdn.com
URL
https://api.rlcdn.com/api/identity/envelope?pid=88
Domain
match.prod.bidr.io
URL
https://match.prod.bidr.io/cookie-sync/stv?gdpr=0&gdpr_consent=&_bee_ppp=1
Domain
tracking.m6r.eu
URL
https://tracking.m6r.eu/sync/adscaleRedirect?gdprFallback=true&uid=f729956a966c7211ac02de9f93de43eeedcf6e440f689fc611ad63377f8a5a50&tpid=48&cburl=https%3A%2F%2Fih.adscale.de%2Fsium%2F7038057004b8431a84f76189d87a9841%2F1644818949962%2F0%2Fjs&gdpr=0

Verdicts & Comments Add Verdict or Comment

178 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| 9 object| 10 object| 11 object| 12 object| 13 object| 14 object| 15 object| 16 object| 17 object| 18 object| 19 object| 20 object| 21 function| structuredClone object| apstag number| adsStart function| detectWidth function| detectPage number| FAILSAFE_TIMEOUT object| _requestManager object| googletag object| pbjs boolean| tempTag function| invokeVideoPlayer object| adUnits object| a9Slots boolean| a9BidsBack number| tableBreakSize number| mobileBreakSize string| device string| pageType string| dfpNetwork object| mappingLeaderboard object| mappingMRU object| mapping320x50 object| mapping300x50 object| mappingMulti number| len function| biddersBack function| sendAdserverRequest function| requestHeaderBids object| ggeac object| google_js_reporting_queue object| google_tag_manager object| dataLayer string| mi_version boolean| mi_track_user string| mi_no_track_reason string| disableStr function| __gtagTrackerIsOptedOut function| __gtagTrackerOptout function| gaOptout function| __gtagTracker object| google_tag_data string| GoogleAnalyticsObject function| ga function| gtag function| __gaTracker object| _wpemojiSettings object| monsterinsights_frontend undefined| $ function| jQuery object| params object| VPData function| documentInitOneSignal function| OneSignal object| _comscore object| displayOnDevices object| displayOnPages object| _qevents object| cbfc_strings object| wpcf7 object| cbExt object| cbScripts object| Wppsac function| b2a function| a2b function| ai_run_scripts function| ai_wait_for_jquery object| ai_front function| b64e function| b64d number| ai_jquery_waiting_counter undefined| Cookies function| AiCookies function| ai_check_block function| ai_check_and_insert_block function| ai_get_cookie_text function| ai_insert function| ai_insert_code function| ai_insert_list_code function| ai_insert_viewport_code function| ai_insert_code_by_class function| ai_insert_client_code boolean| ai_process_elements_active function| ai_run_774921289101 boolean| ai_js_code function| MonsterInsights object| MonsterInsightsObject object| html5 object| Modernizr function| yepnope function| udm_ object| ns_p object| COMSCORE function| Typed object| FB function| cbfc_final_countdown_box_size function| cbfc_box_size function| cbfc_run object| Kinetic object| exports function| retinajs object| twttr function| tabberObj function| tabberAutomatic function| tabberAutomaticOnLoad function| EventEmitter object| eventie function| imagesLoaded undefined| cbYTPlayerHolder object| CbYTPlayer string| cbYouTubeVideoID undefined| tag undefined| firstScriptTag function| onYouTubeIframeAPIReady object| wp function| wppsac_post_slider_init function| wppsac_post_carousel_slider_init function| ai_document_write string| selector_string object| gaplugins object| gaGlobal object| gaData function| quantserve function| __qc object| ezt object| _qoptions function| qtrack boolean| apstagLOADED object| twemoji function| ai_process_lists undefined| google_measure_js_timing number| __oneSignalSdkLoadCount object| _oneSignalInitOptions function| __jp0 object| __twttrll object| __twttr function| pbjsChunk object| _pbjsGlobals object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id object| GoogleGcLKhOms object| ampInaboxIframes object| ampInaboxPendingMessages number| sekindoDisplayedPlacement object| ampInaboxPositionObserver object| ampInaboxFrameOverlayManager object| google_image_requests boolean| sekindoFlowingPlayerOn object| freewheelssp_cache number| google_global_correlator object| closure_lm_992910 function| arrive function| unbindArrive function| leave function| unbindLeave

89 Cookies

Domain/Path Name / Value
.3lift.com/sync Name: sync
Value: CgoIgQIQ0s_ltu8vCgoI4gEQ0s_ltu8vCgoI5gEQ0s_ltu8vCgoIhwIQ0s_ltu8vCgkICRDSz-W27y8KCQg6ENLP5bbvLwoJCAsQ0s_ltu8vCgoIjAIQ0s_ltu8vCgoIngIQ0s_ltu8vCgkIXxDSz-W27y8=
.mrtnsvr.com/sync Name: userId
Value: 3tj6fyN4M
thesource.com/ Name: PHPSESSID
Value: 224ffaa8ef14c9970ea3dce32a2df535
.scorecardresearch.com/ Name: UID
Value: 1094975defdb7ebc87c57461644818945
.thesource.com/ Name: _ga
Value: GA1.2.560194516.1644818948
.thesource.com/ Name: _gid
Value: GA1.2.1977775518.1644818948
.thesource.com/ Name: _gat_gtag_UA_63798235_1
Value: 1
.thesource.com/ Name: _dc_gtm_UA-63798235-1
Value: 1
.quantserve.com/ Name: mc
Value: 6209f202-2a50b-0c9c3-057d4
.thesource.com/ Name: __qca
Value: P0-1539203873-1644818947875
thesource.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.rubiconproject.com/ Name: khaos
Value: KZMAQDUW-1W-886M
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB1WHULZGMFcjK2qEsFCZ0ctSdOhPT1GMTl2wHsFnqwQFBS1kK50e2V+WVEdVTOS8p1ymPvo8pleP4s7PQmCKGhZbrF2mGERI4E=
prebid.a-mo.net/ Name: __amc
Value: 1_1644818946_1644818946
.thesource.com/ Name: __gads
Value: ID=6894fe1069f89a02-222f68553fcd0030:T=1644818947:S=ALNI_MbCpx8c00Zwl11DQ0ybqfV9wsm9TQ
.doubleclick.net/ Name: IDE
Value: AHWqTUlQ2COpoGnCgggsoAQRReV5XWawOLQ5T5xXFsMK6obnBKII1YlxdvAtCJbz1TA
.adnxs.com/ Name: uuid2
Value: 50512152093557099
.casalemedia.com/ Name: CMPS
Value: 1840
.doubleclick.net/ Name: DSID
Value: NO_DATA
.casalemedia.com/ Name: CMID
Value: YgnyBJBcyJc9noldbsjVywAA
.adnxs.com/ Name: anj
Value: dTM7k!M41.D>6NRF']wIg2HaMnvwo!!@wnfH8K6pQK`!5=E<*L5?%Lz1J^fb4O07lhhAjA[95)[6FtWf@4wCusi3.J%nugO%v4VB%nmq!*)#A:
.casalemedia.com/ Name: CMPRO
Value: 320
.3lift.com/ Name: tluid
Value: 4442326126424788785380
.spotxchange.com/ Name: audience
Value: 9f45b308-8d5c-11ec-a92a-10b91cd50206
.ads.pubmatic.com/ Name: KCCH
Value: YES
ads.stickyadstv.com/ Name: UID
Value: ede99e97584b9cdf305a862519a5d7a
.creativecdn.com/ Name: u
Value: FnRwMWzVlB0zfyei7KwG
.creativecdn.com/ Name: ts
Value: 1644818949
ads.us.e-planning.net/ Name: CT
Value: 1
.e-planning.net/ Name: E
Value: AIBmG0l3I1jSJ6Rb
.sitescout.com/ Name: ssi
Value: b0f03b4d-d31c-4e67-8b61-c0ef7307a658#1644818949675
.adscale.de/ Name: uu
Value: 5846078ef9854425afe37b8a2466bf05
.zeotap.com/ Name: zc
Value: a7d0e044-c12d-4eca-408f-689f066ba20a
.zeotap.com/ Name: zsc
Value: N%1Ed%A9d%B9P%7F%81%2BD%D6%02%EC%8FF%19%08%9D%A2J%C1%1A%9A%1A%F9%D3B%F5%B4%A4%FE%3E%96%A9Q%2A%D0%99p%C6%CC%D1%CF%87uj%847L%A0%DA%9Fi.%9F%5CH%5D%DB%0Ah%F8%89%17%03%C9%09Kn%1F%B3%84%FC%D2%B9%87%16%CA%2Cod%05%B7%F7%9B%C6%F2%E5%DA%BD%87u%B32g%DB%8B%01%A4r%E5%26%A6%7CP%A3%7B%C2%C5%8B%E8%1FL%D2%92%1CsTUp%90E%F1%A5D%19%A3ivq%AFr%C8%BE%1A%80%F5_%21WR%D1%9F%0C+RLmB%06%2C%F52%0C%7F%9AU%1B%963i%9A%D1%8BR%3A%E9
.sitescout.com/ Name: _ssuma
Value: eyI0IjoxNjQ0ODE4OTQ5NzI0LCIzOSI6MTY0NDgxODk0OTcyNH0
.richaudience.com/ Name: avcid-zeo-uid
Value: a7d0e044-c12d-4eca-408f-689f066ba20a
.tidaltv.com/ Name: tidal_ttid
Value: a47d662d-d462-4880-92e1-3a2d54e1cde5
.adsrvr.org/ Name: TDID
Value: 0198e94a-860a-47fd-939b-7dbd9121fbdd
.tapad.com/ Name: TapAd_TS
Value: 1644818949906
.tapad.com/ Name: TapAd_DID
Value: db1a488b-5632-49fd-ba23-5b11149174e1
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjCysDK0MAIACx72wQkAAAA="
.demdex.net/ Name: demdex
Value: 04426606487396862351521073587310657736
.console.adtarget.com.tr/ Name: a550214
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a544989
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a502624
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a550070
Value: ${USER_ID}
.console.adtarget.com.tr/ Name: a307080
Value: FnRwMWzVlB0zfyei7KwG
.console.adtarget.com.tr/ Name: a306708
Value: ${USER_ID}
.adfarm1.adition.com/ Name: UserID1
Value: 7064443593810180246
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:
.quantserve.com/ Name: d
Value: EGYBDQG4JbjvsQA
thesource.com/ Name: _lr_retry_request
Value: true
thesource.com/ Name: _lr_env_src_ats
Value: false
.dpm.demdex.net/ Name: dpm
Value: 04426606487396862351521073587310657736
.turn.com/ Name: uid
Value: 9033136977621647392
.weborama.fr/ Name: AFFICHE_W
Value: 1jtrt7ytdGzW33
.console.adtarget.com.tr/ Name: a307565
Value: 5846078ef9854425afe37b8a2466bf05
.krxd.net/ Name: _kuid_
Value: OqVccpnG
.agkn.com/ Name: ab
Value: 0001%3ADZSjYMEOempTuhpVe0ICI1jKfIvk6ziq
.crwdcntrl.net/ Name: _cc_dc
Value: 1
.crwdcntrl.net/ Name: _cc_id
Value: b1de5e0acbc9c91360d3219971e8fde5
.fwmrm.net/ Name: _uid
Value: "e4cf4_7064443598091343767"
.theadex.com/ Name: axd
Value: 4285859869959566613
.theadex.com/ Name: tis_jQL
Value: jQLeApIw
.bing.com/ Name: MUID
Value: 179750B89F376774061E41F39E9B667F
.ibillboard.com/ Name: ibbid
Value: BBID-01-03195329503556354-16525656
.mathtag.com/ Name: uuid
Value: 11bb6209-f206-4f00-b14b-a3aee7b8ab78
.yahoo.com/ Name: A3
Value: d=AQABBAbyCWICEAQgrS0aDScoIZNlZmicQKQFEgEBAQFDC2ITYgAAAAAA_eMAAA&S=AQAAAh7bw3cSYLHMn4Ceeea-akA
.console.adtarget.com.tr/ Name: vmuid
Value: d8e25e30751d8ce8
.console.adtarget.com.tr/ Name: a307442
Value: AIBmG0l3I1jSJ6Rb
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&c7540400-7f18-4522-8fac-1b3419d2eaea"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NDQ4MTg5NTA7MjswMjEReXvfoj4/YemSjw9dd8BeMt8OEy3bZTaJm5tXyz9Wgw==
.linkedin.com/ Name: lidc
Value: "b=OGST06:s=O:r=O:a=O:p=O:g=2333:u=1:x=1:i=1644818950:t=1644905350:v=2:sig=AQHaSOmzU-lL4aSu1WV4EfUzbFS8NHcu"
.adsrvr.org/ Name: TDCPM
Value: CAEYASABKAIyCwjW9aj55-K3OhAFOAFaBmFkYXB0dmAC
ads.stickyadstv.com/ Name: sessionId
Value: 254ceca5d736ed4ab3b6dd4f18d4bc95
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YgnyBgAGFiWWdQBB
.advertising.com/ Name: APID
Value: UPa057d0b4-8d5c-11ec-be84-062baae1108c
.adform.net/ Name: C
Value: 1
beacon.lynx.cognitivlabs.com/ Name: UID
Value: 92644fdd-86b8-4db9-9ec4-c87fb091d6db
beacon.lynx.cognitivlabs.com/ Name: ss
Value: etDgYUmk3PHY2ZkgXb0gn5VeEIHBkHTOinnbvXZkhouahu9fh%2BlsdRAt83rWEbYSBMmEsOFtlxHyKzEupN3KMQ%3D%3D
.adform.net/ Name: uid
Value: 2635539841690771505
.analytics.yahoo.com/ Name: IDSYNC
Value: 187s~2386
.casalemedia.com/ Name: CMST
Value: YgnyBWIJ8gcA
.simpli.fi/ Name: suid
Value: 6B5144E7286E4D72921F1BBBE3A2B82E
.adscale.de/ Name: cct
Value: 1644818951026
.ih.adscale.de/ Name: tu
Value: 4#3395463652#48~~456894~456894~1#101~BBID-01-03195329503556354-16525656~456894~0~0#38~~456894~456894~1#39~~456894~456894~1#40~~456894~456894~1#42~2635539841690771505~456894~0~0#75~~456894~456894~1#63~YgnyBJBcyJc9noldbsjVywAA&320~456894~0~0
.casalemedia.com/ Name: CMRUM3
Value: 826209f206a8c0&2d6209f2052760CAESEJYAPWMf7hZ1xGk_RFcp-nI&296209f20605a0&416209f20605a0&da6209f2052760&9c6209f20605a00&036209f20605a0&bc6209f20605a00&046209f20627609033136977621647392&586209f20605a0&6f6209f20605a0&f16209f20505a0&ce6209f20605a0&516209f2062760ndGWos3RlqmG0ceum4GLq8jaxaiG05Osz9dQ5Tng&276209f2050b40&086209f20605a00&286209f20605a00&7b6209f20605a0&5a6209f20605a0&e66209f2052760&406209f2072760no-consent&2e6209f20605a0&986209f2062760920cd561-abbd-47f1-885f-bcaae4b0e88d&496209f20505a0

13 Console Messages

Source Level URL
Text
other warning URL: https://cdn.ampproject.org/rtv/012201141909000/v0/amp-ad-exit-0.1.mjs
Message:
Unrecognized feature: 'attribution-reporting'.
network error URL: https://ib.adnxs.com/getuid?https://mwzeom.zeotap.com/mw?adnxs_uid=$UID&zpartnerid=2&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://dmp.adform.net/serving/cookie/match/?party=1105&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Message:
Failed to load resource: the server responded with a status of 403 ()
network error URL: https://a.audrte.com/ptag?p=M1353665098
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript error URL: https://thesource.com/
Message:
Access to XMLHttpRequest at 'https://api.rlcdn.com/api/identity/envelope?pid=88' from origin 'https://thesource.com' has been blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network error URL: https://api.rlcdn.com/api/identity/envelope?pid=88
Message:
Failed to load resource: net::ERR_FAILED
network error URL: https://sync-tm.everesttech.net/upi/pid/cQZGoH6Q?redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D876%26env%3DmWeb%26cid%3D${TM_USER_ID}%26env%3DmWeb%26eventType%3Dmap%26gdpr%3D1%26gdpr_consent%3D%26id_mid_4%3Da7d0e044-c12d-4eca-408f-689f066ba20a%26reqId%3D70ff3db0-c609-45e1-509d-6169e238242d%26zdid%3D1361
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://id.rlcdn.com/709414.gif
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://eb2.3lift.com/xuidmid=7976&xuid=3tj6fyN4M&dongle=u6nf
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D&gdpr=1
Message:
Failed to load resource: the server responded with a status of 503 ()
network error URL: https://tags.bluekai.com/site/87734?id=a7d0e044-c12d-4eca-408f-689f066ba20a&gdpr=1&gdpr_consent=&redir=https%3A%2F%2Fmwzeom.zeotap.com%2Fmw%3Fzpartnerid%3D1202%26env%3DmWeb%26cid%3D%24_BK_UUID%26BK_SWAP_DEST%3D87734&env=mWeb&eventType=map&gdpr=1&gdpr_consent=&id_mid_4=a7d0e044-c12d-4eca-408f-689f066ba20a&reqId=70ff3db0-c609-45e1-509d-6169e238242d&zdid=1361
Message:
Failed to load resource: the server responded with a status of 400 (Bad Request)
network error URL: https://c1.adform.net/serving/cookie/match?party=29&gdpr=1
Message:
Failed to load resource: the server responded with a status of 403 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
aa.agkn.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.mrtnsvr.com
ad.turn.com
ads.adaptv.advertising.com
ads.pubmatic.com
ads.stickyadstv.com
ads.us.e-planning.net
ads.yahoo.com
adscale-emea.adnxs.com
adservice.google.com
adservice.google.de
adx.adform.net
ap.lijit.com
api.rlcdn.com
b1sync.zemanta.com
bbnaut.ibillboard.com
bcp.crwdcntrl.net
beacon.krxd.net
beacon.lynx.cognitivlabs.com
bn01.er.bemail.it
bttrack.com
c.amazon-adsystem.com
c.bing.com
c1.adform.net
c2shb.ssp.yahoo.com
casale-match.dotomi.com
cdn-images.mailchimp.com
cdn.ampproject.org
cdn.onesignal.com
cm.adform.net
cm.adgrx.com
cm.g.doubleclick.net
cms.analytics.yahoo.com
connect.facebook.net
contextual.media.net
creativecdn.com
csync.loopme.me
dis.criteo.com
dmp.adform.net
dmp.theadex.com
dmp.v.fwmrm.net
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
dsum.casalemedia.com
eb2.3lift.com
eus.rubiconproject.com
exchange.postrelease.com
f03ca117d2d1f8dc65713e9b8d2f5951.safeframe.googlesyndication.com
fastlane.rubiconproject.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hb-thesource.s3.us-east-2.amazonaws.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
i.e-planning.net
ib.adnxs.com
id.rlcdn.com
idsync.frontend.weborama.fr
ih.adscale.de
image6.pubmatic.com
imasdk.googleapis.com
img.onesignal.com
js-sec.indexww.com
js.adscale.de
js.cookieless-data.com
live.primis.tech
loadeu.exelator.com
loadm.exelator.com
match.adsrvr.org
match.prod.bidr.io
mwzeom.zeotap.com
obgpm76tt0a0sgogzhdfe.redinuid.imrworldwide.com
onesignal.com
onetag-sys.com
pagead2.googlesyndication.com
pixel-eu.rubiconproject.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.mathtag.com
pixel.quantserve.com
pixel.rubiconproject.com
pixel.sitescout.com
pixel.tapad.com
platform.twitter.com
pr-bh.ybp.yahoo.com
prebid-server.rubiconproject.com
prebid.a-mo.net
prebid.media.net
prg.smartadserver.com
primis-d.openx.net
px.ads.linkedin.com
rtb.adentifi.com
rtb.openx.net
rules.quantcount.com
s.amazon-adsystem.com
s.console.adtarget.com.tr
s.e-planning.net
s0.2mdn.net
sb.scorecardresearch.com
search.spotxchange.com
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
spl.zeotap.com
ssum-sec.casalemedia.com
ssum.casalemedia.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.console.adtarget.com.tr
sync.extend.tv
sync.mathtag.com
sync.richaudience.com
sync.search.spotxchange.com
sync.srv.stackadapt.com
sync.tidaltv.com
syndication.twitter.com
tags.bluekai.com
tags.crwdcntrl.net
thesource.com
thesource2-d.openx.net
tlx.3lift.com
token.rubiconproject.com
tpc.googlesyndication.com
track.adform.net
tracking.m6r.eu
trc.taboola.com
u-ams02.e-planning.net
u.openx.net
um.simpli.fi
um2.eqads.com
ups.analytics.yahoo.com
usermatch.krxd.net
video.primis.tech
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
x.bidswitch.net
api.rlcdn.com
match.prod.bidr.io
tracking.m6r.eu
104.244.42.136
104.89.20.125
104.92.72.137
108.157.4.121
13.248.245.213
142.250.185.226
142.250.186.130
142.250.186.98
143.204.95.188
147.75.38.124
151.1.205.165
151.101.194.49
162.55.233.29
169.50.137.184
178.250.2.151
18.156.195.47
18.185.159.202
18.185.181.98
18.192.153.193
18.215.193.43
18.66.247.90
18.66.248.33
185.167.96.10
185.184.8.65
185.220.205.205
185.29.132.245
185.86.139.58
185.94.180.123
185.94.180.126
192.124.249.167
192.132.33.46
198.47.127.19
2.18.232.130
2.18.233.180
2.18.234.21
2.18.235.93
2.21.141.186
2.21.141.232
2.21.142.210
2001:678:cb4:bbbb::11
204.237.133.116
205.234.175.175
209.54.176.128
212.82.100.182
216.52.2.30
23.37.38.181
23.37.42.132
23.88.75.186
2600:1f18:6593:f607:11a7:cf56:2b1f:dc6
2600:9000:224a:4400:f:4f64:8940:93a1
2600:9000:2315:5200:6:44e3:f8c0:93a1
2602:803:c004:200::143
2606:2800:234:59:254c:406:2366:268c
2606:4700:10::6816:1857
2606:4700::6812:e134
2606:4700::6812:e234
2620:116:800d:21:5a23:9c4e:e774:96c1
2620:1ec:21::14
2620:1ec:c11::200
2a00:1288:80:800::7000
2a00:1450:4001:802::2001
2a00:1450:4001:80e::200a
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2006
2a00:1450:4001:811::2004
2a00:1450:4001:812::2001
2a00:1450:4001:813::2008
2a00:1450:4001:827::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::200e
2a00:1450:4001:82a::2002
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2003
2a00:1450:4001:830::200a
2a00:1450:4001:831::2001
2a00:1450:4003:807::2003
2a00:1450:400c:c0c::9b
2a02:fa8:8806:16::1370
2a03:2880:f01c:216:face:b00c:0:3
2a04:4e42:600::300
2a05:d018:24:b002:5c97:83c8:403c:77a7
2a05:d018:d29:3602:8032:ea84:336c:262b
2a06:8640:628:0:ec4:7aff:fe94:33ae
3.122.136.79
3.122.161.218
3.126.56.137
34.102.163.6
34.107.148.139
34.197.208.127
34.225.96.147
34.232.233.83
34.234.118.65
34.249.68.36
35.157.167.171
35.186.253.211
35.201.81.244
35.227.248.159
35.244.159.8
35.244.174.68
37.157.2.237
37.157.4.39
37.157.4.40
37.252.172.36
37.252.173.213
37.252.173.27
46.249.52.249
5.178.65.246
5.178.65.252
51.158.28.83
51.75.86.98
52.214.166.97
52.219.176.194
52.223.40.198
52.31.13.93
52.45.237.203
52.48.40.152
52.58.50.64
52.94.223.167
54.205.198.81
54.78.254.47
54.81.207.173
54.85.64.84
62.149.0.72
62.209.227.210
66.155.71.149
66.155.71.25
69.173.144.138
70.42.32.255
72.251.232.228
85.114.159.118
89.163.159.108
0060af55b40b80f184a0e97d6d426a78b4662c10830484105a91d1b10f94f3c1
0070d23638eb00570923a04b59fe945590c9253df94f92100770e3bf83a20bcb
00bcc95e057fdbf8afa5fa49ef756cc654084b619188c64f0249064b141b8ffb
01f57e35f82feb2012a0dd69849e33e2192aeecaa224f2736d9c7d1a6c0c180c
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
061bee66b2175b421dab982278b8d7d077aa50c9d54a364a7cba161c64e7dcf1
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
081ac47ebc414943049836ff8e1b06aceb20c1c27419aa8807f55f88e8dfa29b
089a9da68c8cd212d3a613e2d231d7dcbf8fffbf76455e1aed9009493c14356a
096ebe5196b95f66c1c0b9f3dcea9e6e3f40f2d55cd5933af5e4942adb232593
0a060b40cf3490985d1359f6e5a13cefbfd4f6454484c715f72bf3ab93748c55
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c7178cc6ca34fb18e30f070a5e7a1c287b2d7ccfcba2cfdf06e0f46eda55740
0f63aebd33fe2858a5adc1469a271140e176e701fad42c8db359c5e7e77aee59
0fb2137cee5ff2d5319f1c359409d007448aa8e43f6c0ef5ddb0f546c9c4bdb2
103b96c4b26d063108697d1be835499e5e2a4b8879ca5312ac9a88b9368d1170
125ec330f66081e7dc9f2814e9ec18f4e2d0baa1936d497375eedfda7ac12e5c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
13ab06913444b6e3b4139e5487813073f11e082878ae8a5bf5213fdc6f95f5e0
144822a1b5316a4e9a06ffbf5802b8c1cbbc0a3f230d81b98f362f7fe4c128c8
144dfc7f3c8315d272c4dc03429633b1b6766e898302f6ff059e7df0cf8c9021
14d79e2cf47df339b79d25ffc6d0136e5d2e70a96b75e6782198ea6bbda3ca0a
154212eb976f7df7c79f5844fcb356740bcb6c51edacb2e8515108e2d7effa67
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1844237c138bd410bc7fcfecd38156aa58aa2968d59889386b17de5c796e3c84
1b4d9184b3010223e94829223441cd37e850f296f893982756a478a736b590a3
1c5e854ffb860ade7b6e01352612340dd82858360c56bec6af9e12acc924b538
1cdab6037613a9c32a0192a61159f909dbfcbce634254c454e7a38c687c5f8c3
1f5a3cbf19a41df9f5e59f05ac4c668b3caa896cb3c2e5c96f7addf4f6a96479
204265a6f1fc8529e4a64cff2c17c04709b46455f93003d24edb50bd78977223
2259195eb1777a95ed2cf096f110800af53b0168aecd81673fb2a09802b0b364
240e891c8e2d9afa355ef277f6fc195e0a9159a155dc3b525a4539030d1b5be1
24d924f19d756f94126180f88544ae8286478729897c5e7cae8e9b6041a52f62
26ec60e4b03e6e00a43daeda6c8bb6727af9caad66d9ed0f896d5951b389417e
27adb19784b26d883666762a693f152c93e26a6791d742ecbe6ede8853a8de98
291437ea71e62b1c35d4ec5d3c5ad02cfa930343b41b1472fba70243089c8bbe
2ad9429260f9dd7f1486e311beef3c823181a6758bcb245ca00727181bad4d3d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36c6c5a29efb8da343da850a8197df6aeaffebd1f936bd4978616419cbdc4b
2e8fa2037c41372ddc72ea1e08a477ba37998b54b5416b8cff0554fa5b865e27
2e9395a7a7cc4455c60ccd13aee6c071100d78ef09d7b0ab1983ec1c4377d12b
31197c647656a22836cab642095b18602ae852b7a291188d677a0b4eea5a35e8
3186009784546cd6cf27598aeda3d87708c583a207c64f5e95bf6a6f22a2da1e
3300e36eba7b673bad62144fe66976f1bf29392bbd35a07b76f468e3ebb3a459
3516496d97f72bf509cf5d6902b5deebf53355ccb21127dc777d265cd96ca2d8
3594b521ac9e1cf8934ee7d095374efd7a898100a8caa3b8bba75e5dd144a64f
35b6aef10001dec819bbc017247ba85861a1b9f9cfcc0ded5030bc2ae15dee23
36133ca07927c88a7cc578fddbaed3c668ab75087834d0ca13dca5de4ec856c1
3647925cfe3a04fa84025ead3a347e5807ba7351a1de7bcc494c55794fd5528b
36f19ddda576c29a195ed385e021effdea2018bdd8c45df0f775228aeaaf2e04
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38584169709df9b932f3cb8a69e438bbe518044777f0163534ef78dc0a5f053b
3954c079cedc82e8ddac1125c3867f78b5ea5df0059c11e3f6834246f3b35b98
3c1e109252f01d620faf43abb551a5e4cb6ff81cd5c2390e5855c736a35cc0c4
3d408b1a86f6e55e53a38640d10ac6f10149a5f2910ba0785db326523499151f
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3e0c0fe001921c544a208dde542e5ad60dc01f58280a5d276506aef30f8d5d61
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3ed28b461a192fed06384f12e43072e94d5d8faf3b13a357907aefa7ea1b99c8
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
429a3794e6f69cb61f02e11ff0fa8a5a8377f2f17e05f624b698f3ea7dbec5bd
42d90b9ccf40e6b29d639646d7d63c79878da70f72e5bedebd1d6e830465bcf8
463dfcfa896f16bbe702809343f9c0b1cc8993b48f368494be91d69f7c52c80d
4758cce50cbad1a6e5f0837c18ecaedc24f06e9de307a4a09c80b9a86b49a6d6
484d0f26671268fef60d499dfe654df5d5b53f8957334410df6fddcc3c043b63
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4ae689a5b37c61962b7f8702568778b5fe5afa464b5d7e21646cd6e75cdd0153
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4da93c4c460686e5b52aebf600360f6aa476d4953fd1194010f1918ad6907308
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5126b6a8bba0dada6ca4ea7c38470d74716b8b28e8133c1dd6d39d17004e0de5
5164bd05af39d3bfd75b96ecd577ea9e30ffd45f4249765dced7de4363559e3f
53ccee744c5db641ca9e37f041a302720b862edf02e7fdee87ba9cb66921a287
541ac58217a8ade1a5e292a65a0661dc9db7a49ae13654943817a4fbc6761afd
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5498eab9ddd9c6790d3e401556c0daaa159bcf36708cb89fee8184bf38e4b7aa
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
561cee3ce7c56f84f342daeef6d3be53a01f09375f48f915b006779a62852dc2
5744ee911cbb29ebfb686ed35dc772f6a7bec892b4489ae57f43d5200109a2ab
58ebf469809e5cfcec387199eb78dc85d30fcd36295a484caa6bfa8ec02abafa
58ed344732766704ee535508e3dcd8d4a8ec0c9c79d16adf02293adde110926c
59545507a40fa184e27f685a5448e2094a921c354e35ba46ca778ea64ac88944
5a18605d9766a17abff3ddc8e7c39fb13d5ca067b3e5440e0f9e1a6f04e6306e
5ae6bd165e71a2e91e849157c58d9cad67f1a43af9fd4696ddd2535706bca4ee
5bb08412d18881e3fc69fdb44226bfc6f66a77d45dfff3f10b98a100c09bc970
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5df9eee36a61ef8f89d39c04ff402ded30aa9c627b6ef2134f55fa0e8b537153
601ece30ae9b8f10b3ee32431ecfab8e584ecd8c8441dfc936e61bfa381d6060
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
607f20542f68184479a3a085fc2763563782b55fdbaf0edc361b6eb9a43286d6
60e0fd4cf5311d98ca31d510e17ee6a58d71d4bd46a7aba9de2e5e8da2423e20
615eb206011d97e02bb9fbc4ab3e560b25ffaff03eb2ee3028521a9df90ac413
616f41fbbcf44ba72bb9c97132871526164c81d78f56a15e04ece1a44eb5606a
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
65fde5fc0a0151d33bea0bfc69398048f6037da276705d396761015b31ccba84
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
68986dd8f1ef6b05cbc0a2f532b87ea2f93ebe9ccd06f8265b15044dd1f4ab17
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b14f6f125a1709d61451edca5b6b94ab0e573e183277054f6a7594b0ca46499
6c9cac9b30dca2e7eeb9e9690b1bf8fb56416ac5e03f7a85f47d99c4a31df50c
6ce3e020c5780b72d4a2aedd976cb668228ce2bb789c46dd46b19034f5504138
726906ee6ce6dfe1b6e35ddad151196c50277e31520de30e916e9cd9affc0ef3
72be863fbd7bdc0bdfdfb6c7be6ae5f37b0140ea9e5191c17e9befe36ca11ea1
730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658
731ce13d2cec8a234de8f4e95fe73f8f9edcf34b3ef258b35480cae1aca81474
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
7512bf3b9ec62642bc0800d0ca3c5b8b37a1384814cc7a29d31f6823740fd403
765649282bb3067226382bec6bf47f87274a9a93cdf808ec802e9ecf8ea3afba
76d1da9e9902ccf3d2983b706151d7c4f1a910c86b757fae4302ccf989c630a7
784acd540b5fcfb87c47dfe12e5311084ce692366a2ac196fd5cc8eb28ff4c23
78e8dcb768cd94f0bc2a79cde3473ff7d3c207964eea74c905971276c6dd3e81
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
79d7087780c392f3f8ec4c717f2a6d97b6d3bb47f3c287eb0947c52722da07ee
7b175e3d672f1560352dc7df0b4e1aaf4cf6dba4605563465df69fcceb052bbd
7c000e1bbe3d84a70b062afb26a85fee789771b492d23c40c7be77a8cdaf84cf
7d93459d86585bfcdbb7e0376056226adb25821ee54b96236fe2123e9560929f
7e4fe942a250f89bb8d803ffe672198c947ea7f6bdac6bcadab71f124e1de089
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7f4611610e7eb4cc59298007c3a5adadb6d2417aea7fd0fedcd9cf8fbd52f674
7fd59024b6ca83f11f7a3448ec148309a13b705725716df134f699e60a96eb1b
8081f8fe11910043503ca0df22cde91420a8ca7a04af9fd0d0ad823795f59d93
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8bba198b6c1f37f5ee1697ee11aa537a51193955a0f053dda0513fc2613c7e78
8c4967c13572e41e718dfbb3d84dddeacc748aa14cb2d65ad91ecdde60f50664
8cd629187427fdb93787d7156be7a32c391bb2a8da471bbaa274e806e48b36e7
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8dd7e1b7d4208d65bd549e8ba650f5b9e79772efc3024ac9f4ec0063b61760d4
8f4b70778aa21c1c093c6acbad70c70b2e69d4d22e47d9405ee137db16ca050b
91937d656c2490512dc253c12ca1119bb6612654aff5cdf93d857db973fbc0bd
91b4eb09154d5ebef46352e922194ec6dbb9547b63f9776ae10133fe1ca66879
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
975c02c5bc64e306b2dd9427fd27e5dd8133780f0be998b6be97fa07cab60586
991192945d3d0bb80f4b2bcd7e31b953e9ab3b5dc7bcea29c725676f9d8a3523
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9af076e8567451cd0e75441e6cb9e23fddd1024c10cb8f29f644e30d57df59ab
9c21b3dbf862e916d2689453d7f27dcc0539a0239bf323e5f2db397fca0e5d21
9ed334c1984e9b1e5a95b17b1aa918734f6af99c7c7716287641817c4a0e9c85
9f758ba27f5e68c0c2af1d56b729721d0bdd8a6235637c567043ab22e1eb29ea
9f8e04713ca1fa3b1f8f9286db8bd1e4e6d992c106da0fbcce5bccc2c45b1c2c
9f9adf40b90518185af5c536daeb039f575aef8f3bd5ef42c020c418ba799b9b
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a03201084a29d37b3135d1075cd471bf923b06f7be56fe65c094f15a86d50025
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a256529bd5b1b8846f8d2536ce7581fb6cea4479992f222d01535903dff48d79
a3336e3373c170b40764f5a62d121335bec4243b0034e561937194dfe2e413fd
a3f737682b5b27b6cf0f535142b8f3720996fa24fdff3083c480939190f2b429
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a7d040d5e84706dac2d471ad33830bd0ae361ca06e53e72e817701478c6d5afa
a8f0cdba9af9734e31aa748a0953c3fd806d5ea2aa37d9bfebe494cd7f707ae6
a8f446762916e3a2b8fec22eef21d4bfbc6629bf22be4d57ee40b89df8d8e113
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
ab51abece78c7051aa8ce65c192dba04c920b6e0d1796228c291a3feb8c5df76
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b236dccee1a0d5280842bdff52b4005e2b0c9ee5d74a15db3e939c53306576d3
b23f183ed5ad9e60fc0bfa5c13f2962e773323b04a4474713183fe24b526642d
b42942929d2f8e8e1c453467a42e148aec36853a8e604247fbdf0cee43e23f3e
b4d22451346129ff0cd4b339b256253bb9cdcf17d7b9eb6da3fb4ae13c5c961c
b55bb81e3860986b9367a08c2d606ccce55724e6b3e72b983047da6d107f9758
b6f4e220da1d394544fa342b883483af7f0294f92a7c988f6606ae78775d6aba
b7ffdc1ff68534ae1d2cb257a9ee406919fe3df5815ba0648aae5a207d0a9b6e
b8fa704c9d8d1e82281e6c3f47abc8dcd07ca83532063e53ea765a98c07f7b46
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bb79e0aacc23fbf951de2bf11805ffa1df4fa0f78274c5db77eaaecf5581b475
bc91070943a905f7972cf01972b38c24d80edf9c789eeaeb348fb6ee1a9e0da0
bd45626491501bb2353467354cafb6c8256e75252c036050282ee97fae6709f2
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c37aa7942a1c3d431075b45371dc7de11732e738d23f2d14ceb573bec645f756
c5181719604064106aabc26726729f88fdc69281de2fabbe1cc42f169e43ca2e
c67f5bb8887d54078f43337b13dab3899d27645de626aaf66188891c2678b157
c6d03b7a5561687268e57b13d9d4a6a4c71ee570ea74718040ce9227676e3e5e
c76c5e5655247974a010b3b41e632f8f15bda46dd1755de5193f12a8993ed114
c843d1014342ef08bbd38f0be07df3aed370e06506f72c4f257261e3c0d35a8e
c894943277b29201d15dcdaf9a54e081575a3f1ed7c5b85dde8f464424da5a17
c8ca7b3d35fa9507339d4ebeae05f3a86f78203a6e4680d096e483c92c091c9f
cab8a95ca8e2bf48b0f4e16f3b1298fbb408d416e575b6bb0b766a48d6ec7e45
caecb1bf35e6ff8a91bf2e2a4837660e00c399d0d8692466a371373e54b90f75
cb14d1c46e0612c497ae1dd8cf73388e23ac177bb1590567d7fd0774996b14f7
cb696ecd7c4f31fdd7c7c1cc37e8efc29614fbcbadf74f455aa496d72ce33250
cb6c93ae56be1b80e9734a2e323c1f081735f4ae7ddc2f99b24ce7dba15b2364
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cc83fe6d180fd859f448bacd040799bf379ee7e0d9b1e6c3f19499c1c4358864
cef7ad69c55d6b662d173b158a575cd9c5fd487c485753439f3712a4b35f7731
cf2495ac055ca7ea80df330c2c0ea6d62babff156be8ff1645fcc2e2fa310c63
d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54
d1e3f8e415e18e40554991365d26227d2b949fdc6b61cc064ec27967b612fe52
d42aa6ba62ae59850964fe93492f8517856bcdcc15df7302451bacb02efcadf1
d4a629c0feed21954dc06ea0116241bc40b7148d3cfc8ea9e6840b087773a132
d511d4dafdc47fb28b09a8a4ca8a86f589e96ee3cdb2f652bc1863085171765f
d7e71200520e00ecff81c880fee83dce822fa132e17519edf21238212fca8b02
d8ade0d94aaf4b3d52776b75609e8d1c31995677a0a033a6fa2408425da07740
d98d7bdfe0f9ac78ec9ab3274b04e5663ef132767c4014ca899c820634b3f204
db414f3dbb10685b6fa7ca11e56cad8a4fa2f9761af51c94c22eb36e404c9c24
db7e0b393e175f19922fefbdcaa2866fca209c521d01cc834ae06cbf8d0f91b7
dbe1bae9ac7d036a9652e5b014e300eb127e176460b1a9c5ac2db778e899b97a
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd15519fdcf63b8cb21e1cfbb2846f899ff0e93dbe2f2f518ba0ee0967b669dd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
deb1e7df8638fc8dc41f0559886fa0345821f65d677cef7bd0868a768b11a421
e0bf3aaab2e32a4f899654f635a47eb478d57a55ec1fe8facdaa71fc1b78baec
e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528
e32e769b59e7b5613d27c1293f0a3087efe32c6680d680ec5c81a4e848afb649
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e528b8c0e105d81f18326e49356c70fe222990dc412150a53671528d2a6c89b3
e6ac25d541d15d00d8ac79cbb7e6f917732a768e2a187f5cf1ce2c255c7cec07
e7b44c86b050fca766a96ddac2d0932af0126da6f2305280342d909168dcce6b
e891b7f4abf4516b922c51c77718d74ad9c70c250b9202f57eac93f931ee7b4a
e963e7196beb9123059ec3534b042ebcd1ef0a470fa568bfbebfeab2f33c4fda
ea29de07cdb14f2c6c59c06fdcd4ec30c2030b3ba8ee6a0aa325085496b9a94d
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ecde72bc5d9fd5bc5150218535ae8f75ad9161924b91e64b7995c495fc90c246
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f337be6fa2487c87cb2028bcd81551be3b77d7a35004a66d691aa58691509288
fa48f7a91f25c7a1888f23288d2d8eec1b8c8e3bb92333b8a10b565b207c2375
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
fda04c7b27b3db6bda165e1d1324e7c475edc1f3cc06e927a78f739d74992fcb
fe235d73d7991e345c8aedb8c3aa5cfba926c0d4c56b95c960e8c0f7d34113ae
fe9ad9796d39e706fe661ddf90151c0ebc03251164354d55f1ee95ca06878b40
ff069c1862f9ea1288453b3685950a74e9250861ecc7b8829b72a6a8e94350e6
ff27532996a861435ee16521a2b629badd3c7db893362c245d9abbb77885ef77
ff9ebdf44291f699348fd4dd9b9fbaacdd36186231f34ae0f71c888facdb3261
ffa57da7c3e9c28afcc94b7ccb306dbe4f68b231ac60cb2a61916628f08d7371