www.salon.com Open in urlscan Pro
2600:9000:2156:d200:1a:b9b9:50c0:93a1 Public Scan

URL: https://twitter.com/Salon

URL: http://www.theatlantic.com/health/archive/2014/02/new-report-americans-love-pizza/283721/
Title: like most Americans

URL: http://www.bbc.com/news/blogs-trending-38156985
Title: supporters of Turkish President

URL: https://voat.co/v/pizzagate/1433095
Title: one particularly bizarre incident

URL: https://proper.io/?from=sticky

URL: https://www.adlightning.com/

179.100.201.35.bc.googleusercontent.com

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/ HTTP 301
https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 41

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D&gdpr=false&us_privacy=1---&callback=window.proper_dad0cf49_be14d04d_2 HTTP 302
https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=97a9e45f-1ec0-425b-8464-c7c010a9275b&us_privacy=1---

Request Chain 42

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=8777&endpoint=us-west HTTP 301
https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west

Request Chain 44

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dpubmatic%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%23PM_USER_ID&gdpr=false&us_privacy=1---&callback=window.proper_9a01fa8a_5a7fce12_4 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dpubmatic%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%23PM_USER_ID&gdpr=false&us_privacy=1---&callback=window.proper_9a01fa8a_5a7fce12_4&rdf=1 HTTP 302
https://usync.proper.io/v1/usersync?bidder=pubmatic&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=43F2F596-E058-42AE-B71D-2E3544852ECC

Request Chain 46

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_privacy=1---&callback=window.proper_00204600_26c6c35a_6 HTTP 302
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_privacy=1---&callback=window.proper_00204600_26c6c35a_6 HTTP 302
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=4f0ec918-d07b-4f11-8d69-c068976f0959

Request Chain 47

https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_65ec45e2_b158c800_7 HTTP 302
https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_65ec45e2_b158c800_7&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_65ec45e2_b158c800_7&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0 HTTP 302
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0

Request Chain 48

https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_e2d9dbe0_cd090a93_8 HTTP 302
https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_e2d9dbe0_cd090a93_8&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_e2d9dbe0_cd090a93_8&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0 HTTP 302
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0

Request Chain 49

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_f10829ff_e6add75b_9 HTTP 302
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_f10829ff_e6add75b_9&verify=true HTTP 302
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A

Request Chain 137

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&adnxs_id=$UID HTTP 307
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D5b5141db-51fc-46f9-b723-56a1932fcc69%26adnxs_id%3D%24UID HTTP 302
https://ids.ad.gt/api/v1/match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&adnxs_id=3132108011176313798

Request Chain 138

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=5b5141db-51fc-46f9-b723-56a1932fcc69 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=5b5141db-51fc-46f9-b723-56a1932fcc69 HTTP 302
https://ids.ad.gt/api/v1/t_match?tdid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&id=5b5141db-51fc-46f9-b723-56a1932fcc69

Request Chain 139

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D5b5141db-51fc-46f9-b723-56a1932fcc69 HTTP 302
https://ids.ad.gt/api/v1/pbm_match?pbm=43F2F596-E058-42AE-B71D-2E3544852ECC&id=5b5141db-51fc-46f9-b723-56a1932fcc69

Request Chain 140

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=5b5141db-51fc-46f9-b723-56a1932fcc69 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=5b5141db-51fc-46f9-b723-56a1932fcc69&google_tc= HTTP 302
https://ids.ad.gt/api/v1/g_match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&google_gid=CAESEKLJeOaw25nh2gS_zoC3Rvg&google_cver=1&google_ula=450542624,0

Request Chain 141

https://ids.ad.gt/api/v1/g_hosted?id=5b5141db-51fc-46f9-b723-56a1932fcc69 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NWI1MTQxZGItNTFmYy00NmY5LWI3MjMtNTZhMTkzMmZjYzY5

Request Chain 142

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D5b5141db-51fc-46f9-b723-56a1932fcc69 HTTP 302
https://ids.ad.gt/api/v1/mediamath_match?user_id=ddce618a-cab6-4000-b5d7-fe9b3940e3ca&id=5b5141db-51fc-46f9-b723-56a1932fcc69

Request Chain 144

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=5b5141db-51fc-46f9-b723-56a1932fcc69 HTTP 302
https://ids.ad.gt/api/v1/ppnt_match?uid=3iIpfihM87eI&ev=1&pid=562316&id=5b5141db-51fc-46f9-b723-56a1932fcc69

Request Chain 175

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl%26auid%3D5b5141db-51fc-46f9-b723-56a1932fcc69 HTTP 302
https://ids.ad.gt/api/v1/openx?openx_id=4cec3e51-1112-457d-af85-afad60b7e760&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=5b5141db-51fc-46f9-b723-56a1932fcc69

Request Chain 177

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ddce618a-cab6-4000-b5d7-fe9b3940e3ca&expires=28

Request Chain 178

https://token.rubiconproject.com/token?pid=25470&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTSEVHQlEtMTgtQldVUg==&us_privacy=1---

Request Chain 179

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1--- HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/iSaVI5IdIMK4ILKiyTfRLcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7974841473647372663

Request Chain 180

https://token.rubiconproject.com/token?pid=26594&us_privacy=1--- HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVSHEGBQ-18-BWUR&sigv=1&esig=2~6cf430ae568a71b68fec4bda637de3285a0bb049&us_privacy=1---

Request Chain 182

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1--- HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELffI6e9Rr0W-XfWNDZN0qc&google_cver=1

Request Chain 183

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1--- HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YYrKvQADUchvnQAz HTTP 302
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYrKvQADUchvnQAz&us_privacy=1---&_test=YYrKvQADUchvnQAz

Request Chain 184

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1--- HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjliYjZkNzIzZTRiZjdmNTI2OGNjNzZmZjM5OWY3YjZjOGU2YTRiZg&us_privacy=1---

Request Chain 199

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0

Request Chain 201

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=YYrKuwADTYMbFAAz HTTP 302
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=YYrKuwADTYMbFAAz&_test=YYrKuwADTYMbFAAz

Request Chain 208

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&_origin=1&gdpr=1&gdpr_consent=

Request Chain 213

https://c1.adform.net/serving/cookie/match?party=14&cid=43F2F596-E058-42AE-B71D-2E3544852ECC HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=43F2F596-E058-42AE-B71D-2E3544852ECC

Request Chain 214

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7942859873251720687

Request Chain 216

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028653081576274070

Request Chain 217

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q_L1luBYQq63HS41RIUuzA%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 218

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ddce618a-cab6-4000-b5d7-fe9b3940e3ca

Request Chain 219

https://pixel.onaudience.com/?partner=214&mapped=43F2F596-E058-42AE-B71D-2E3544852ECC HTTP 302
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D HTTP 302
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6f95ab493a2431ec8c6073b9b7b50837 HTTP 302
https://spl.zeotap.com/?zdid=1332&zcluid=8da33a0eb68217c4 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=107e3132-8d53-4231-68c6-82110ab5b7a2&reqId=5a6f1581-c605-4199-78d3-e2990aebe457&zcluid=8da33a0eb68217c4&zdid=1332 HTTP 302
https://mwzeom.zeotap.com/mw?google_gid=CAESEHtPwbtfV7Z278ufsq5eNew&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=107e3132-8d53-4231-68c6-82110ab5b7a2&reqId=5a6f1581-c605-4199-78d3-e2990aebe457&zcluid=8da33a0eb68217c4&zdid=1332

Request Chain 220

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDNGMkY1OTYtRTA1OC00MkFFLUI3MUQtMkUzNTQ0ODUyRUND&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 221

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIlAPaYwAZeZSPkW3v-1Lko&google_cver=1

Request Chain 223

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ddce618a-cab6-4000-b5d7-fe9b3940e3ca&gdpr=0&gdpr_consent=

Request Chain 224

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f

Request Chain 225

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5179053400064230000

Request Chain 226

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132108011176313798&gdpr=0&gdpr_consent=

Request Chain 228

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=43F2F596-E058-42AE-B71D-2E3544852ECC&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ckHdRzpE2uVORRaNL2pzqIBR5iRFBbc-~A&gdpr=0&gdpr_consent=

Request Chain 231

https://eb2.3lift.com/sync?us_privacy=1--- HTTP 302
https://eb2.3lift.com/sync?us_privacy=1---&ld=1

Request Chain 236

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFokpXhMI4HcoptgpEzJUN4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

Request Chain 237

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent= HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzg0MTczNDkyMTMxMjI0NjA5Mw%3D%3D

Request Chain 239

https://pr-bh.ybp.yahoo.com/sync/triplelift/7841734921312246093?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2662&xuid=y-63uJ83ZE2oTYYU20gGI.HatTH2A0I35GS9R0sbOZfw--~A&dongle=0883

Request Chain 242

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7841734921312246093 HTTP 302
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7841734921312246093&dcc=t

Request Chain 243

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

Request Chain 244

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent= HTTP 302
https://eb2.3lift.com/xuid?mid=4771&xuid=6926514267882230545&dongle=d407

Request Chain 245

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776 HTTP 301
https://eus.rubiconproject.com/usync.html?p=12776

Request Chain 246

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=3132108011176313798

Request Chain 247

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid= HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2ec14013-9831-46e2-96fb-a43a80640836

Request Chain 248

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true HTTP 302
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0 HTTP 302
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-StZ7IcVE2uGSfvxsYjJO_GG6uDzq7eJg~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0

Request Chain 249

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&ttl=1639077822

Request Chain 251

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID HTTP 302
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=7a6a91335eaacbe18ba04a730019238c096cf569

Request Chain 252

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone.com%252FuserPixel%252Fsync%253FpartnerId%253D53%2526uid%253D%2523PMUID HTTP 302
https://pr-bh.ybp.yahoo.com/sync/pubmatic/43F2F596-E058-42AE-B71D-2E3544852ECC?gdpr=0&gdpr_consent=

Request Chain 253

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D HTTP 302
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/no-consent

Request Chain 255

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=9vxnx62jcpeygwyhkqhp05edp HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=9vxnx62jcpeygwyhkqhp05edp

Request Chain 264

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc HTTP 302
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1 HTTP 302
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0

Request Chain 266

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D HTTP 302
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=YYrKvQADUchvnQAz

Request Chain 272

https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1--- HTTP 307
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---&b=1

Request Chain 274

https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1--- HTTP 307
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---&b=1

Request Chain 275

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1 HTTP 302
https://ups.analytics.yahoo.com/ups/55953/sync?uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&_origin=1&gdpr=1&gdpr_consent=

Request Chain 277

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ddce618a-cab6-4000-b5d7-fe9b3940e3ca

Request Chain 279

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5179053400064230000

Request Chain 282

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEOeioM2T6WZ0UdjHZNcvyZQ&google_cver=1

Request Chain 283

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YYrKvQADUchvnQAz&gdpr=0&gdpr_consent=

Request Chain 284

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCejVFN0RGWllBQUNnTjhpdEhsUQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1

Request Chain 288

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=2283108442 HTTP 302
https://sync.1rx.io/usersync/tradedesk/b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-af2b9dfa-3dca-4714-bdf3-d5e7b1e52740-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-af2b9dfa-3dca-4714-bdf3-d5e7b1e52740-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-af2b9dfa-3dca-4714-bdf3-d5e7b1e52740-003

Request Chain 289

https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=43F2F596-E058-42AE-B71D-2E3544852ECC&gdpr= HTTP 302
https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=43F2F596-E058-42AE-B71D-2E3544852ECC&gdpr=&fbounce=1 HTTP 302
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=43F2F596-E058-42AE-B71D-2E3544852ECC&addseg=19,36,42

Request Chain 290

https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=43F2F596-E058-42AE-B71D-2E3544852ECC&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=43F2F596-E058-42AE-B71D-2E3544852ECC&sInitiator=external&gdpr=0&gdpr_consent=

Request Chain 292

https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=43F2F596-E058-42AE-B71D-2E3544852ECC HTTP 302
https://a.audrte.com/p

Request Chain 293

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://ws.rqtrk.eu/pull?redirect=https%3A%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D193%26user_id%3D%24BROWSER_ID%26expires%3D1%26ssp%3D%24bidswitch_ssp_id&return-unstable=true&eb=&bidswitch_ssp_id=pubmatic&g=1&gdpr_pd=&gdpr=0&gdpr_consent=

Request Chain 295

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=6926514267882230545&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 296

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=no-consent&gdpr=1&gdpr_consent=

Request Chain 297

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:90317f10-7d17-44ec-98bb-ba092dab96ec&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 298

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=3132108011176313798

Request Chain 304

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=uvqtCDEYw68aCvdKpNES3g==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 306

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=AeQiZEpx1MKwIH5

Request Chain 307

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://rtb.mfadsrvr.com/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=4f0ec918-d07b-4f11-8d69-c068976f0959 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_user_id=4f0ec918-d07b-4f11-8d69-c068976f0959 HTTP 302
https://x.bidswitch.net/sync?dsp_id=250&expires=14&user_id=8b661164-2f40-4ee0-b6da-352dd6eac73f&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4f0ec918-d07b-4f11-8d69-c068976f0959

Request Chain 308

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3132108011176313798

Request Chain 309

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABz5E7DFZYAACgN8itHlQ&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=sas%2Cpp%2Cox&bee_sync_current_partner=pm&bee_sync_initiator=ox&bee_sync_hop_count=1

Request Chain 310

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=uvqtCDEYw68aCvdKpNES3g==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 312

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=TBQmpcKr1MKwIH5

Request Chain 313

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://a.volvelle.tech/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=4f0ec918-d07b-4f11-8d69-c068976f0959 HTTP 302
https://a.volvelle.tech/ul_cb/sync?ssp=bidswitch&bidswitch_ssp_id=openx&bsw_uid=4f0ec918-d07b-4f11-8d69-c068976f0959 HTTP 302
https://x.bidswitch.net/sync?dsp_id=190&expires=14&user_group=1&user_id=c3403a04-22ce-4cbd-8719-23ba44f9e7d3&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4f0ec918-d07b-4f11-8d69-c068976f0959

Request Chain 314

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3132108011176313798

Request Chain 315

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AABz5E7DFZYAACgN8itHlQ&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cox%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID

Request Chain 316

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=uvqtCDEYw68aCvdKpNES3g==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 318

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=AeQiZEpx1MKwIH5

Request Chain 319

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://ads.creative-serving.com/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=4f0ec918-d07b-4f11-8d69-c068976f0959 HTTP 302
https://ads.creative-serving.com/ul_cb/bsw_sync?bidswitch_ssp_id=openx&bsw_custom_parameter=4f0ec918-d07b-4f11-8d69-c068976f0959 HTTP 302
https://x.bidswitch.net/sync?dsp_id=4&user_id=9609cfcd-70ad-4281-af60-d041bc571c77&ssp=openx&expires=30&user_group=5&bsw_param=4f0ec918-d07b-4f11-8d69-c068976f0959 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4f0ec918-d07b-4f11-8d69-c068976f0959

Request Chain 320

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3132108011176313798

Request Chain 321

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AABz5E7DFZYAACgN8itHlQ&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dox%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dox%26bee_sync_hop_count%3D1 HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=ox&bee_sync_current_partner=pp&bee_sync_initiator=ox&bee_sync_hop_count=1&ev=AABz5E7DFZYAACgN8itHlQ&pid=558502&do=add

Request Chain 323

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=YYrKvQADUchvnQAz

Request Chain 324

https://green.erne.co/openx/cm HTTP 302
https://pixel.onaudience.com/?mapped=Ll52cSVU1Hoyis0a39RxXyjL&partner=2&redirect=green.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DLl52cSVU1Hoyis0a39RxXyjL HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DLl52cSVU1Hoyis0a39RxXyjL HTTP 302
https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26redirect%3Dhttps%253A%252F%252Fgreen.erne.co%252Fct%252Fcm%253Fred%253Dhttps%25253A%25252F%25252Fus-u.openx.net%25252Fw%25252F1.0%25252Fsd%25253Fid%25253D537072998%252526rtb%25253DLl52cSVU1Hoyis0a39RxXyjL&xl8blockcheck=1 HTTP 302
https://pixel.onaudience.com/?partner=161&icm&cver&mapped=38ec4d541f60fb8130375b1b0262c129&redirect=https%3A%2F%2Fgreen.erne.co%2Fct%2Fcm%3Fred%3Dhttps%253A%252F%252Fus-u.openx.net%252Fw%252F1.0%252Fsd%253Fid%253D537072998%2526rtb%253DLl52cSVU1Hoyis0a39RxXyjL HTTP 302
https://green.erne.co/ct/cm?red=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072998%26rtb%3DLl52cSVU1Hoyis0a39RxXyjL HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072998&rtb=Ll52cSVU1Hoyis0a39RxXyjL

Request Chain 325

https://ad.turn.com/r/cs?pid=9&gdpr=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537073061&val=6926514267882230545&gdpr=1&gdpr_consent=&us_privacy=

Request Chain 326

https://rtb.openx.net/sync/dds HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_hm=uvqtCDEYw68aCvdKpNES3g==&ox_sc=1&ox_init=1 HTTP 302
https://rtb.openx.net/sync/dds?ox_sc=1&ox_init=1

Request Chain 328

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=TBQmpcKr1MKwIH5

Request Chain 329

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://ads.avct.cloud/getuid?url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 307
https://ads.avct.cloud/getuid?bounce=true&url=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D59%26user_id%3D%7B%7BUUID%7D%7D%26ssp%3Dopenx HTTP 302
https://x.bidswitch.net/sync?dsp_id=59&user_id=617ea37d-6213-43d7-8895-68812c0abde3&ssp=openx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=4f0ec918-d07b-4f11-8d69-c068976f0959

Request Chain 330

https://ib.adnxs.com/getuid?https://eu-u.openx.net/w/1.0/sd?id=537072399&val=$UID HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072399&val=3132108011176313798

Request Chain 331

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABz5E7DFZYAACgN8itHlQ

338 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Redirect Chain

http://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/

150 KB
33 KB

53ms
31ms

Document
text/html

2600:9000:2156:d200:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d200:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 90eea265fae084007f84bdb3169550bf0082a6523289d270ce6d7a436c46048a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

content-type: text/html; charset=UTF-8
content-length: 33472
cache-control: public, s-maxage=604800, max-age=0
content-encoding: br
date: Mon, 08 Nov 2021 23:48:28 GMT
server: nginx
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HHPT4K_fjH60LeLqjJA8M798-qzzNb8OYR0WKRMh1rQ_eqeavoa92Q==
age: 70505

Redirect headers

Server: CloudFront
Date: Tue, 09 Nov 2021 19:23:33 GMT
Content-Type: text/html
Content-Length: 183
Connection: keep-alive
Location: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
X-Cache: Redirect from cloudfront
Via: 1.1 5317564e96c9dceb46123f6c5f149a03.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: FRA50-C1
X-Amz-Cf-Id: 7yY4GlLKRG3f3oikT8p6npebBurlsGdhvXA04TeZGfU2xp-wQxNEGQ==

GET
H2 200 chartbeat_mab.js Show response
static.chartbeat.com/js/ 22 KB
10 KB 47ms
8ms Script
application/x-javascript 2600:9000:2156:1800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat_mab.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3d54d65d1a3e03ee57b6b3bea623447a1d39393610bdd51bb389fe20c0b17f78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:20:46 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:17:06 GMT
server: nginx
age: 3768
etag: W/"6179ec02-59c1"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: HWOlQqP-wPnBVv2U2kN4ciRlRV-rUxzVhD7g4_yFbmjpXbRS9CluKQ==
expires: Tue, 09 Nov 2021 20:20:46 GMT

GET
H2 200 salon-logo.svg
www.salon.com/design/images/ 2 KB
1 KB 9ms
9ms Image
image/svg+xml 2600:9000:2156:d200:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.salon.com/design/images/salon-logo.svg
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d200:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: df5137425e7de7419e6a429ba54ae05b9e7c3bf00a7cdda775669ffe68223cf2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 23:37:45 GMT
content-encoding: br
last-modified: Fri, 05 Nov 2021 18:14:53 GMT
server: nginx
age: 71149
etag: W/"6185749d-811"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
content-length: 910
x-amz-cf-id: GdKZVSM21mIcmHX_C72zraal2v5nb8w380H2aU1o8tLbBKx8y-Vc5A==
expires: Tue, 08 Nov 2022 23:37:45 GMT

GET
H2 200 comet_podesta.jpg
mediaproxy.salon.com/width/1200/https://media.salon.com/2016/12/ 92 KB
92 KB 52ms
16ms Image
image/webp 143.204.98.13
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaproxy.salon.com/width/1200/https://media.salon.com/2016/12/comet_podesta.jpg
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.13 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-13.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: cb0aff21806d41476b565a4b40e25dd4fca4e394852833d922dc8ac8f289d7ea

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-response-time: 226ms
date: Mon, 08 Nov 2021 21:52:30 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
server: nginx
age: 77464
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop: FRA50-C1
content-length: 93848
x-amz-cf-id: NDftlyLJr-XcqfNAckJz4lgl_53b7frIU8UGb8blkXMQXJPk8jeqsw==

GET
H2 200 salon.min.js Show response
global.proper.io/ 90 KB
15 KB 63ms
30ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/salon.min.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db009eda710756c9efb328fcbdcf19d38e0c4da9ffc3260c5bd68e7cf7c0ac2d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 05 Nov 2021 20:03:42 GMT
server: cloudflare
age: 343121
etag: W/"61858e1e-16900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6ab96a91cf375c38-FRA
expires: Tue, 09 Nov 2021 19:28:34 GMT

GET
H2 200 chartbeat.js Show response
static.chartbeat.com/js/ 36 KB
14 KB 41ms
13ms Script
application/x-javascript 2600:9000:2156:1800:18:1fcd:34f:cdc1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.chartbeat.com/js/chartbeat.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:1800:18:1fcd:34f:cdc1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: e2c28f3e8b6a2e5170859e67cff3e8240e6b888d02005306ef3d2129f5cbd74c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:32:51 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 00:27:20 GMT
server: nginx
age: 3042
etag: W/"6179ee68-8e96"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/x-javascript
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
cache-control: max-age=7200
cross-origin-resource-policy: cross-origin
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: AW19gBtjAvVT0ZzZNg-Bf4EHb9qKBS7X3JcmNTl1JTpJjJoXrL8hcg==
expires: Tue, 09 Nov 2021 20:32:51 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 4948
date: Tue, 09 Nov 2021 18:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 09 Nov 2021 20:01:06 GMT

GET
H2 200 bundle.js Show response
assets.salon.com/design/assets/ 186 KB
53 KB 47ms
11ms Script
application/javascript 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salon.com/design/assets/bundle.js?rev=946411e74d03ec6c1c539de5ce77db8492864138
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-55.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c78d1e06582a546d5958a71b269912cdec0a4c5d22978749ff5c5570a342887f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 23:36:59 GMT
content-encoding: br
age: 71195
x-cache: Hit from cloudfront
content-length: 53451
access-control-allow-origin: *
last-modified: Wed, 03 Nov 2021 14:26:01 GMT
server: nginx
etag: W/"61829bf9-2e969"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: application/javascript
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: kkqcMbBqZOwM_OJiBcJIAD9x7qkIZg8m1zQf1-8pd9fskg1h7zuOoQ==
expires: Tue, 08 Nov 2022 23:36:59 GMT

GET
H2 200 tag.min.js Show response
get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/ 20 KB
7 KB 43ms
10ms Script
text/javascript 143.204.98.60
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.60 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-60.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d472a9c7fccf3507b7125a0d6b470edde2a16eabd27e504dd08aa01c6b697f00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 04:29:42 GMT
content-encoding: gzip
last-modified: Thu, 28 Oct 2021 14:13:38 GMT
server: AmazonS3
age: 53633
etag: W/"478293adf3338220c447eede3457b4e5"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: KMzo2N0gtbmQLjo.iwaSvfQECNl.MFBM
via: 1.1 a09186728c1bcdf0a561aedd92656804.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: text/javascript
x-amz-cf-id: CLY5d4WSYJ0gOBmXN1us1l3seRNl62gL9x8CxlpShARFA2f6OfJsjA==

GET
H2 200 / Show response
mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/ 308 B
574 B 141ms
112ms XHR
application/json 2a04:4e42:600::714
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://mab.chartbeat.com/mab_strategy/headline_testing/get_strategy/?host=salon.com&domain=salon.com&path=%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F
Requested by: Host: static.chartbeat.com
URL: https://static.chartbeat.com/js/chartbeat_mab.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a04:4e42:600::714 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 581ab77f58f834b5b752e1e94ff207ce676083adf8f9fba6ad69b55028e059ce

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-cache-hits: 0
age: 0
x-cache: MISS
cross-origin-resource-policy: cross-origin
content-length: 221
x-served-by: cache-fra19179-FRA
access-control-allow-origin: *
x-timer: S1636485814.185023,VS0,VE101
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
content-type: application/json
via: 1.1 varnish (Varnish/6.0), 1.1 varnish
cache-control: no-store, no-cache, must-revalidate, max-age=0, s-maxage=0
accept-ranges: bytes
expires: Sun, 07 Nov 2021 19:23:34 GMT

GET quant.js
secure.quantserve.com/ 0
0

GET
H2 200 main.css
assets.salon.com/design/assets/ 54 KB
8 KB 9ms
9ms Stylesheet
text/css 143.204.98.55
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.salon.com/design/assets/main.css?rev=946411e74d03ec6c1c539de5ce77db8492864138
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.55 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-55.fra50.r.cloudfront.net
Software: nginx /
Resource Hash: c289bb7f0768e6f27949bd7a16a12290ee12317bf340cd15266a0348fe595e58

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 23:36:59 GMT
content-encoding: br
age: 71195
x-cache: Hit from cloudfront
content-length: 7733
access-control-allow-origin: *
last-modified: Thu, 14 Oct 2021 16:35:08 GMT
server: nginx
etag: W/"61685c3c-d7ac"
vary: Accept-Encoding
access-control-allow-methods: GET, POST
content-type: text/css
via: 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
cache-control: max-age=31536000, public
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: udDQkg1kiP7SL1NwBtv7IIwR5yOIPY6DeuGtAPE25R_AXodgXk3BbQ==
expires: Tue, 08 Nov 2022 23:36:59 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
146 B 14ms
13ms XHR
text/plain 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=560106512&t=pageview&_s=1&dl=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ul=en-us&de=UTF-8&dt=Pizzagate%2C%20explained%3A%20Everything%20you%20want%20to%20know%20about%20the%20Comet%20Ping%20Pong%20pizzeria%20conspiracy%20theory%20but%20are%20too%20afraid%20to%20search%20for%20on%20Reddit%20%7C%20Salon.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KEBAAEABAAAAAC~&jid=1968064690&gjid=2084515663&cid=641520022.1636485814&tid=UA-1232497-1&_gid=252470390.1636485814&_r=1&_slc=1&cd1=Pizzagate%2C%20explained%3A%20Everything%20you%20want%20to%20know%20about%20the%20Comet%20Ping%20Pong%20pizzeria%20conspiracy%20theory%20but%20are%20too%20afraid%20to%20search%20for%20on%20Reddit&cd2=article&cd3=Andrew%20Breiner&cd5=unknown&cd9=original&z=1099954661

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
6ms Image
image/gif 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=560106512&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ul=en-us&de=UTF-8&dt=Pizzagate%2C%20explained%3A%20Everything%20you%20want%20to%20know%20about%20the%20Comet%20Ping%20Pong%20pizzeria%20conspiracy%20theory%20but%20are%20too%20afraid%20to%20search%20for%20on%20Reddit%20%7C%20Salon.com&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=video_player_type&ea=video_proper&el=video_player&_u=KEBAAEABAAAAAC~&jid=&gjid=&cid=641520022.1636485814&tid=UA-1232497-1&_gid=252470390.1636485814&z=46725843

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 08 Nov 2021 21:33:03 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 78631
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 317 Show response
a.ad.gt/api/v1/u/matches/ 3 KB
4 KB 503ms
171ms Script
application/javascript 44.238.136.108
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ref=
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 44.238.136.108 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-44-238-136-108.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 25c4588d852c368e5305e0fe04e34e2b3049bf5b06517f743bf9d9d90da01b79

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
server: nginx/1.18.0
content-length: 3352
content-type: application/javascript

GET
H/1.1 200
OK livestream-latest.min.js Show response
asteriresearch.com/ 27 KB
27 KB 83ms
38ms Script
application/javascript 143.204.98.76
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://asteriresearch.com/livestream-latest.min.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.76 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-76.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 8eaf796496bd3eca387e0a65eb827323b25427624ee7cea33bd337c389445706

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: numEwt9hdgTksGvTbo.Q84GdkRqVoaMY
Via: 1.1 e6d97713eb9b65f883e0f86b833878dd.cloudfront.net (CloudFront)
Last-Modified: Fri, 11 Jun 2021 17:22:35 GMT
Server: AmazonS3
X-Amz-Cf-Pop: FRA50-C1
ETag: "a2246ccaa31bd2183de37fd4c07aba1e"
X-Cache: Hit from cloudfront
Content-Type: application/javascript
Date: Tue, 09 Nov 2021 19:23:34 GMT
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 27427
X-Amz-Cf-Id: nQX_KNWEkcoL3bgMy8f8mO4J67YnCyNVMwKMcCkM-oWYlimt8f20Sg==

GET
H2 200 AGSKWxU6PPZz8t0_jW4Se2a7NkSos3KZVfogw_aYrO7blr80XSmjaBue-ZHCwTtB7VnB06UvZEM44XYdI0yvU25f9L8= Show response
fundingchoicesmessages.google.com/f/ 78 KB
28 KB 56ms
32ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU6PPZz8t0_jW4Se2a7NkSos3KZVfogw_aYrO7blr80XSmjaBue-ZHCwTtB7VnB06UvZEM44XYdI0yvU25f9L8=

Requested by

Host: global.proper.io
URL: https://global.proper.io/salon.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

45656124849927c16c51b60a02bcd87ec81f65f453bd26448f244df8d17acfda

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WNFlDK3FbKTslUCTCx0zgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WNFlDK3FbKTslUCTCx0zgA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-WNFlDK3FbKTslUCTCx0zgA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-WNFlDK3FbKTslUCTCx0zgA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1.91.0-kargo-page-takeover.js Show response
global.proper.io/payloads/ 414 KB
107 KB 40ms
39ms Script
application/javascript 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/salon.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 70b3915c982e975de60d0e046e0d891f3cb936c6be6db52609d493ff5172dc7c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 03 Nov 2021 20:09:50 GMT
server: cloudflare
age: 515613
etag: W/"6182ec8e-678ca"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: public, max-age=300
cf-ray: 6ab96a92c9a05c38-FRA
expires: Tue, 09 Nov 2021 19:28:34 GMT

POST
H2 200 salon_is_ad_free_check.php Show response
www.salon.com/ajax/ 77 B
426 B 285ms
284ms XHR
text/html 2600:9000:2156:d200:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/ajax/salon_is_ad_free_check.php
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d200:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d783bf33379246ddaebb6219871feebfd4b37a04900a52c1f2f20cc629609fd7

Request headers

Accept: */*
Referer: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 60
x-amz-cf-id: he32OrUe4qQH0vjaSOsqZAAg8y-F2Ud7ss9TslANSM4jBsh7PT1PbA==

GET
H2 200 / Show response
onetag-geo.s-onetag.com/ 555 B
970 B 37ms
9ms Fetch
application/json 143.204.98.122
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://onetag-geo.s-onetag.com/
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-122.fra50.r.cloudfront.net
Software: /
Resource Hash: f51938710e179807bbf1be9a1e9d7e3441fa74e7dfe9f46841914fb12ca7de3c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 19:49:38 GMT
via: 1.1 22b9ddafebf39d72780d68dad970d218.cloudfront.net (CloudFront), 1.1 6ea9fcffa719a56ee2be748a73d37974.cloudfront.net (CloudFront)
age: 84836
x-amzn-requestid: 9f779352-0f57-43f7-9297-fc3ebd704e3c
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: FRA56-C2, FRA50-C1
x-amz-apigw-id: IgDU2EupiYcFtqw=
content-length: 555
x-amz-cf-id: _la_4hXQj-kGPrPC4XIWUBbwwtJhZkjmQNb8kpit2AEpVX1Dh2ihZw==

GET
H2 200 beacon.min.js Show response
signal-beacon.s-onetag.com/ 29 KB
10 KB 58ms
8ms Script
application/javascript 143.204.98.87
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-beacon.s-onetag.com/beacon.min.js
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.87 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-87.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 958d46af4272fd75603fbcd0680896efbe73e2609987de68b0665500e607a6d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-server-side-encryption: AES256
date: Tue, 09 Nov 2021 13:26:51 GMT
content-encoding: gzip
last-modified: Tue, 09 Nov 2021 13:26:48 GMT
server: AmazonS3
age: 21403
etag: W/"ea838863b2b3bf40d1353c99808a5464"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: FFoz53cfgEbfQogHib76iTyL1K5X37BJ
via: 1.1 80c1ad5f9352d00b95a9da73eb6b6be5.cloudfront.net (CloudFront)
cache-control: max-age=86400
x-amz-cf-pop: FRA50-C1
content-type: application/javascript
x-amz-cf-id: UV1DJreBPS4H_sG9qQYh8d0Xw1MPfJoKx7YrC6FqYvgoyk6niUqubA==

GET
H2 200 %2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-consp Show response
signal-segments.s-onetag.com/desktop/www.salon.com/ 7 KB
938 B 43ms
14ms Fetch
application/json 143.204.98.110
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-segments.s-onetag.com/desktop/www.salon.com/%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-consp
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.110 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-110.fra50.r.cloudfront.net
Software: /
Resource Hash: d778808b2b3ed673e6c28f32af0336c9cd66320a39d027731c639ecb3b6f50a0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 08 Nov 2021 22:44:01 GMT
via: 1.1 48391c4ed2c51e95dcabcb70cf613127.cloudfront.net (CloudFront), 1.1 055d899361491602a9ef1eb0cdc5e337.cloudfront.net (CloudFront)
age: 74373
x-amzn-requestid: fe179847-a7f5-49f5-ab29-89ab4ade59cf
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=86400, public
x-amzn-trace-id: Root=1-6189a831-489967532f33e5827420dcb1;Sampled=0
x-amz-cf-pop: FRA53-C1, FRA50-C1
content-encoding: gzip
x-amz-apigw-id: Igc3uHCOCYcFzsw=
x-amz-cf-id: CF4UXZS1HhfNg8MCj19mbIcRrghM66dnbpOqGwafCVOPJ-hhh689YA==

GET
H2 200 ping
ping.chartbeat.net/ 43 B
201 B 284ms
94ms Image
image/gif 18.211.94.94
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ping.chartbeat.net/ping?h=salon.com&p=%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&u=hg7_avGzJoCCUCBI&d=salon.com&g=1614&g0=All%20Salon&g1=Andrew%20Breiner&n=1&f=00001&c=0&x=0&m=0&y=8155&o=1600&w=1200&j=45&R=1&W=0&I=0&E=0&e=0&r=&b=349&t=URe_V1TJbXQgHS2DmimdSDIirNP&V=129&i=Pizzagate%2C%20explained%3A%20Everything%20you%20want%20to%20know%20about%20the%20Comet%20Ping%20Pong%20pizzeria%20conspiracy%20theo&tz=0&_acct=anon&sn=1&sv=DfstvEBwMmxiCb5xcdDtFeR1BC8eVb&sd=1&im=067b9ff0&_
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.211.94.94 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-18-211-94-94.compute-1.amazonaws.com
Software: /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
content-length: 43
expires: 0

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
441 B 44ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-1232497-1&cid=641520022.1636485814&jid=1968064690&gjid=2084515663&_gid=252470390.1636485814&_u=KEBAAEAAAAAAAC~&z=1672706517

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 09 Nov 2021 19:23:34 GMT
content-type: text/plain
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 main.js Show response
player.propervideo.io/new_rtp/ 116 KB
26 KB 65ms
32ms Script
application/javascript 2606:4700::6812:9eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.propervideo.io/new_rtp/main.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71456da5a003ee937acafa9b98bc0f7eecca2f38b33eb2a58b4ab532f3d19609

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 02 Nov 2021 18:49:33 GMT
server: cloudflare
age: 606829
etag: W/"6181883d-2b34d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
expires: Tue, 09 Nov 2021 19:28:34 GMT
cache-control: public, max-age=300
cf-polished: origSize=176973
cf-ray: 6ab96a9348077031-FRA
cf-bgj: minify

GET
H2 200 scroll.js Show response
static.scroll.com/js/ 17 KB
7 KB 39ms
6ms Script
application/javascript 199.232.198.217
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.scroll.com/js/scroll.js
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.198.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: UploadServer /
Resource Hash: 8f1657223a1fef42e52e40a420a5597ba44cf2e4088a90b97969230cb7d2a760

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
age: 73060
x-guploader-uploadid: ADPycdsdFQEqhkXTR92VJOVn_dNTpkuwwtQCmdUNkpYLI4MrRUqO_CzaPDOYZqcTMXWrlNaYwzyU8uPXkFq4lGIOD_I
x-cache: HIT
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: gzip
content-length: 6448
x-served-by: cache-fra19145-FRA
last-modified: Thu, 04 Nov 2021 23:05:53 GMT
server: UploadServer
x-timer: S1636485814.285742,VS0,VE0
etag: "1a3ebebabf09bbd4a49ef06cdafcdcb2"
vary: Origin
x-goog-hash: crc32c=klABqg==, md5=Gj6+ur8Ju9SknvBs2vzcsg==
x-goog-generation: 1636067153734265
via: 1.1 varnish
expires: Fri, 05 Nov 2021 23:05:54 GMT
cache-control: public, max-age=0, s-maxage=86400
access-control-allow-credentials: true
x-goog-stored-content-length: 6448
accept-ranges: bytes
content-type: application/javascript
x-scrolljs: 3
x-cache-hits: 21045

GET
H2 200 social_counts.php Show response
www.salon.com/ajax/ 249 B
508 B 121ms
120ms XHR
text/html 2600:9000:2156:d200:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/ajax/social_counts.php?post_id=14655043
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d200:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 95173bc0f652e4379838b8fdea7e5786819cf66c4807f3b8501bad49b1216e58

Request headers

Accept: */*
Referer: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/html; charset=UTF-8
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
cache-control: no-store, no-cache, must-revalidate, max-age=0, post-check=0, pre-check=0
content-length: 139
x-amz-cf-id: zhgZuVwC7iMyWz1XYJEJffC2jh6imIIC-DYVy6tmyVhAmJqWeepLYQ==

GET
H2 204 / Show response
ywgysqpm3f.execute-api.us-east-1.amazonaws.com/prod/livestream/ 0
349 B 151ms
151ms XHR
text/plain 143.204.98.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ywgysqpm3f.execute-api.us-east-1.amazonaws.com/prod/livestream/?placement=45_41
Requested by: Host: asteriresearch.com
URL: https://asteriresearch.com/livestream-latest.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-124.fra50.r.cloudfront.net
Software: / Express
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amzn-requestid: 000dce2e-8da5-466f-a812-3f49b5f65198
x-amz-cf-pop: FRA50-C1
x-powered-by: Express
x-cache: Miss from cloudfront
access-control-allow-origin: *
x-amzn-trace-id: Root=1-618acab6-2acf76c60e04862b562c57e9;Sampled=0
x-amz-apigw-id: IjSciFQ5IAMF-vw=
x-amz-cf-id: aTHbBR9d8jFQUWR_L7yTvm0x-G8cru8Xop9n8Tpb1mV-xqvqH9k17g==

OPTIONS
H2 200 /
ywgysqpm3f.execute-api.us-east-1.amazonaws.com/prod/livestream/ Frame 0
0 132ms
103ms Preflight
application/json 143.204.98.124
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ywgysqpm3f.execute-api.us-east-1.amazonaws.com/prod/livestream/?placement=45_41
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.124 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-124.fra50.r.cloudfront.net
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://www.salon.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

content-type: application/json
content-length: 1
date: Tue, 09 Nov 2021 19:23:34 GMT
x-amzn-requestid: bcaf4eae-3e36-4377-944e-e2685e6b92e5
access-control-allow-origin: https://www.salon.com
access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
x-amz-apigw-id: IjSchHp1IAMFzrQ=
access-control-allow-methods: OPTIONS,GET
x-cache: Miss from cloudfront
via: 1.1 1d87c34bb2f20fda8e0841bc33179769.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: z2OQXji86HOc2v0L0Da1uW_sgpoJdxe2Rgk8YRLYwu58Z0zCNsgNnw==

POST
H2 204 AGSKWxUQ0zgSo0r9jeskNn-edGVNWxUPmqq-MBiq7aYcz_SAsErTX2r8Jq8SeUNW-gcJjy91WztFzohKMRj1HYicaR0= Show response
fundingchoicesmessages.google.com/el/ 0
895 B 45ms
23ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUQ0zgSo0r9jeskNn-edGVNWxUPmqq-MBiq7aYcz_SAsErTX2r8Jq8SeUNW-gcJjy91WztFzohKMRj1HYicaR0=?pvid=E8C8DC6A-077C-441E-991F-2E3D47117DFD&anonid=FD5A339B-C03F-450A-822E-A12A9B3A8714

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorServingResponseClientJs.de.pbbayxau3DY.es5.O/d=1/rs=AJlcJMwyHhohld-aTL6KxHgMC1KoRlQuKw/m=kernel_loader,loader_js_executable

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vk5qqdP2K0qNcZ5dj6cV8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-vk5qqdP2K0qNcZ5dj6cV8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-vk5qqdP2K0qNcZ5dj6cV8g' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-vk5qqdP2K0qNcZ5dj6cV8g' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 AGSKWxU0hxan6D_tLzeFRsd24MhgBuy9nmO9BpOtc29xGrRYfhz1ScU7pWLG9jtlQGDTPfDTsbhOOjDO_YhimvViz-U= Show response
fundingchoicesmessages.google.com/f/ 274 KB
54 KB 72ms
71ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/f/AGSKWxU0hxan6D_tLzeFRsd24MhgBuy9nmO9BpOtc29xGrRYfhz1ScU7pWLG9jtlQGDTPfDTsbhOOjDO_YhimvViz-U=?fccs=W251bGwsbnVsbCxudWxsLG51bGwsbnVsbCxudWxsLFsxNjM2NDg1ODE0LDI4NDAwMDAwMF0sIkU4QzhEQzZBLTA3N0MtNDQxRS05OTFGLTJFM0Q0NzExN0RGRCIsIkZENUEzMzlCLUMwM0YtNDUwQS04MjJFLUExMkE5QjNBODcxNCIsbnVsbCxbbnVsbCxbN10sbnVsbCxudWxsLG51bGwsbnVsbCxmYWxzZV0sImh0dHBzOi8vd3d3LnNhbG9uLmNvbS8yMDE2LzEyLzEwL3BpenphZ2F0ZS1leHBsYWluZWQtZXZlcnl0aGluZy15b3Utd2FudC10by1rbm93LWFib3V0LXRoZS1jb21ldC1waW5nLXBvbmctcGl6emVyaWEtY29uc3BpcmFjeS10aGVvcnktYnV0LWFyZS10b28tYWZyYWlkLXRvLXNlYXJjaC1mb3Itb24tcmVkZGl0LyIsbnVsbCxbXV0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

df1e3a3daf4ad044daf14bb5e09537c2300e80b5f16c9c050c31bf3cb915865f

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ELRx9NpYehwpWMk/oDzBjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ELRx9NpYehwpWMk/oDzBjQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: ESF
cross-origin-opener-policy: same-origin; report-to="ContributorGlobalRouterHttp"
x-frame-options: SAMEORIGIN
report-to: {"group":"ContributorGlobalRouterHttp","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ContributorGlobalRouterHttp/external"}]}
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorGlobalRouterHttp/cspreport, script-src 'report-sample' 'nonce-ELRx9NpYehwpWMk/oDzBjQ' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorGlobalRouterHttp/cspreport;worker-src 'self', script-src 'nonce-ELRx9NpYehwpWMk/oDzBjQ' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorGlobalRouterHttp/cspreport
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 52ms
29ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1232497-1&cid=641520022.1636485814&jid=1968064690&_u=KEBAAEAAAAAAAC~&z=2009086928

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 67ms
44ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-1232497-1&cid=641520022.1636485814&jid=1968064690&_u=KEBAAEAAAAAAAC~&z=2009086928

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
graph.facebook.com/v3.3/ 252 B
777 B 98ms
56ms Script
text/javascript 2a03:2880:f02d:e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://graph.facebook.com/v3.3/?callback=jQuery33102869372877642309_1636485814176&fields=engagement&access_token=574263426402934%7C846eede5ca03c85a031c5a7d1117e3e5&id=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&_=1636485814177

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d70751f627acbeb0f69b832fcdaf37a996b221b3880e5e24c832c7122d17dd20

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=15552000; preload
content-encoding: br
www-authenticate: OAuth "Facebook Platform" "invalid_request" "(#4) Application request limit reached"
x-app-usage: {"call_count":212,"total_cputime":0,"total_time":50}
cross-origin-resource-policy: cross-origin
x-fb-rev: 1004697793
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 196
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: BeQtHPoZsMOrXTdlEqS5JM45WWKtkCEeljwT3uzMQhXt4Y1UfK6dZ4CW4OGUrYGL0+l7y/Lr4Q3RhjIm860RXQ==
x-fb-trace-id: CdxqChTEU1B
date: Tue, 09 Nov 2021 19:23:34 GMT
vary: Origin, Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
x-fb-request-id: A3mKeeq3eRwl8-qsJ_p8np4
cache-control: no-store
facebook-api-version: v5.0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 info.json Show response
www.reddit.com/api/ 120 B
1 KB 149ms
122ms XHR
application/json 151.101.65.140
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.reddit.com/api/info.json?url=https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.65.140 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

snooserv /

Resource Hash

0cfd01f61f14eb6d881159ad18587bb4501c97ae7db9bbc9c5dd04a35362cb03

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-ratelimit-used: 3
via: 1.1 varnish
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-length: 120
x-xss-protection: 1; mode=block
x-ua-compatible: IE=edge
x-moose: majestic
x-clacks-overhead: GNU Terry Pratchett
server: snooserv
x-frame-options: SAMEORIGIN
date: Tue, 09 Nov 2021 19:23:34 GMT
x-ratelimit-remaining: 297
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
access-control-expose-headers: X-Moose
cache-control: private, s-maxage=0, max-age=0, must-revalidate, no-store, max-age=0, must-revalidate
x-ratelimit-reset: 386
accept-ranges: bytes
expires: -1

POST
H2 200 check Show response
connect.scroll.com/embed/ 0
1 KB 136ms
114ms XHR
application/json 35.201.100.179
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.scroll.com/embed/check

Requested by

Host: static.scroll.com
URL: https://static.scroll.com/js/scroll.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

35.201.100.179 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name

Value

Content-Security-Policy

default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com https://scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';

Strict-Transport-Security

max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 google
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
content-security-policy: default-src https: 'unsafe-eval' 'unsafe-inline'; child-src blob:;frame-ancestors https: http:; object-src 'none'; img-src 'self' https://*.scroll.com https://logo-scroll.imgix.net https://u-scroll.imgix.net https://pub-scroll.imgix.net https://scroll-static.imgix.net https://scroll.imgix.net https://logo-scratch-scroll.imgix.net https://www.google-analytics.com https://www.googletagmanager.com https://*.stripe.com data: https://static.scroll.com https://assets.scroll.com https://scroll.com; connect-src 'self' https://api.stripe.com https://checkout.stripe.com https://sentry.io https://o74190.ingest.sentry.io https://www.google-analytics.com https://fonts.googleapis.com https://*.scroll.com https://static.scroll.com https://api.scroll.com/v1/; frame-src 'self' https://js.stripe.com https://hooks.stripe.com https://checkout.stripe.com https://accounts.google.com https://static.scroll.com https://assets.scroll.com https://scroll.com; font-src https://fonts.googleapis.com https://fonts.gstatic.com/ https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com https://scroll.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com https://use.typekit.net https://p.typekit.net https://static.scroll.com https://assets.scroll.com; script-src 'self' 'unsafe-inline' https://js.stripe.com/v3/ https://checkout.stripe.com https://apis.google.com https://www.google-analytics.com https://www.googletagmanager.com https://browser.sentry-cdn.com https://static.scroll.com https://assets.scroll.com 'nonce-null' 'strict-dynamic';
alt-svc: clear
content-length: 0

GET
H2 200 css
fonts.googleapis.com/ 54 KB
4 KB 44ms
20ms Stylesheet
text/css 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host:
URL: /_/mss/boq-content-ads-contributor/_/js/k=boq-content-ads-contributor.ContributorIabTcfV2ClientJs.de.gAzcN9rHdVg.es5.O/d=1/rs=AJlcJMwqozDdL5RSIFwXUArMe1xGeGBq6w/m=iabtcfv2wallscript

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1d94be6ff05be0fbb645591bca2a96f3ff991a46a304a40c73c17c798a1ed023

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 19:23:34 GMT
server: ESF
date: Tue, 09 Nov 2021 19:23:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H2 200 Ox7mB4USqjJKDjfyyFN8wg_nUmEfXWTiUIOqMuGxgD0vVLX6AzxZQVJtS_-oSbZQOitgEVhIBy1y9-IQ7dXNctSgd1ArO-3svCdSyDUl1pK8Sod70EtP=h60
lh3.googleusercontent.com/ 2 KB
2 KB 31ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/Ox7mB4USqjJKDjfyyFN8wg_nUmEfXWTiUIOqMuGxgD0vVLX6AzxZQVJtS_-oSbZQOitgEVhIBy1y9-IQ7dXNctSgd1ArO-3svCdSyDUl1pK8Sod70EtP=h60

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

db2c15c2e76a2f6e8ec9e2bef69f55e123e4949840caf2c0fcb5b606fb56a361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 17:16:24 GMT
x-content-type-options: nosniff
age: 7630
content-disposition: inline;filename="unnamed.png"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1619
x-xss-protection: 0
server: fife
etag: "v1"
vary: Origin
content-type: image/png
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Fri, 22 Oct 2021 12:05:25 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 47ms
21ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-657872957

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3cb4f71d3b837063741c3a8c0669e04fc6ce2a50a82edd157b983c0a3574c2eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39814
x-xss-protection: 0
last-modified: Tue, 09 Nov 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H2 200 op.js Show response
tagan.adlightning.com/properio/ 59 KB
24 KB 41ms
13ms Script
application/javascript 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/properio/op.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 09ba4ca00b882ebf69e40c58de54e03076f3fbfb899b4899f3e946037c6369c8

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: 59afDp2lk0_XbJBWzODuItO3WhVFr2vp
content-encoding: gzip
etag: "aaef8ad247f9fea74dab81ac17992203"
age: 1774
x-cache: Hit from cloudfront
content-length: 24366
x-amz-meta-git_commit: 7b120a5
last-modified: Tue, 09 Nov 2021 14:38:41 GMT
server: AmazonS3
date: Tue, 09 Nov 2021 18:54:26 GMT
content-type: application/javascript
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
x-amz-cf-id: fjmmdzxRsN0E8Kb1zSlR61OTA-FiqtlC7Vb-dyxcP3WJaxsVZB3zxg==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 79 KB
27 KB 38ms
17ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

ec7cbcb312411e6c0f7bfc0c83543804cee6ce8709d54018422f8730af889f58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1039 / 738 of 1000 / last-modified: 1636459612"
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27078
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H/1.1 204
No Content merge Show response
ce.lijit.com/ 0
348 B 47ms
13ms Script
text/plain 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=263069&3pid=b600186d-3119-4576-a6a8-731513ef1b99&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%5BSOVRNID%5D&gdpr=false&us_privacy=1---&callback=window.proper_0faea0f8_bde61820_1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:34 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://prebid.a-mo.net/cchain/0?cb=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dadaptmx%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D&gdpr=false&us_privacy=1---&callback...
https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=97a9e45f-1ec0-425b-8464-c7c010a9275b&us_privacy=1---

181 B
383 B

538ms
171ms

Script
text/javascript

35.163.158.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=97a9e45f-1ec0-425b-8464-c7c010a9275b&us_privacy=1---
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 35.163.158.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-158-84.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 11d60445baf32d9ab7b432fc5fc60d0312aac8ac6a2286dc054387a5c79e61b7

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:35 GMT
server: nginx/1.18.0
content-length: 181
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=adaptmx&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=97a9e45f-1ec0-425b-8464-c7c010a9275b&us_privacy=1---
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: max-age=0, private, must-revalidate
x-envoy-upstream-service-time: 4
server: envoy
content-length: 0

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 9768
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=8777&endpoint=us-west
https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west

281 B
554 B

62ms
15ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Nov 2021 19:23:34 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
Date: Tue, 09 Nov 2021 19:23:34 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2 204 pbsync Show response
ads.yieldmo.com/ 0
35 B 137ms
33ms Script
text/plain 52.49.74.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.yieldmo.com/pbsync?&redirectUri=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dyieldmo%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%24UID&gdpr=false&us_privacy=1---&callback=window.proper_09f3dde5_50681b4c_3
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.74.33 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-74-33.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dpubmatic%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%23PM_USER_...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dpubmatic%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%23PM_USER_...
https://usync.proper.io/v1/usersync?bidder=pubmatic&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=43F2F596-E058-42AE-B71D-2E3544852ECC

182 B
386 B

625ms
335ms

Script
text/javascript

35.163.158.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=pubmatic&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=43F2F596-E058-42AE-B71D-2E3544852ECC
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 35.163.158.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-158-84.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 1469660109dddd63600afd83fb1539087d62079b38aabae94f3c7c109e46f859

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:35 GMT
server: nginx/1.18.0
content-length: 182
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=pubmatic&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=43F2F596-E058-42AE-B71D-2E3544852ECC
date: Tue, 09 Nov 2021 19:23:34 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H/1.1 200
OK usersync Show response
match.bnmla.com/ 0
114 B 314ms
100ms Script
text/plain 38.27.122.126
COGENT-174

General

Check archive.org

Show headers Download Go to

Full URL: https://match.bnmla.com/usersync?sspid=1000227&redir=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dengagebdr%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%5BUUID%5D&callback=window.proper_1f55e725_9a1cc3f0_5
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 38.27.122.126 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:34 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://x.bidswitch.net/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&us_pri...
https://x.bidswitch.net/ul_cb/check_uuid/https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dmediagrid%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%24%7BBSW_UUID%7D?gdpr=false&...
https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=4f0ec918-d07b-4f11-8d69-c068976f0959

183 B
386 B

628ms
334ms

Script
text/javascript

35.163.158.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=4f0ec918-d07b-4f11-8d69-c068976f0959
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 35.163.158.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-158-84.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: a1870812bcf2120de1c596fe15845f05e02cd5082b41f681a2248b7373e65aa2

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:35 GMT
server: nginx/1.18.0
content-length: 183
content-type: text/javascript

Redirect headers

Location: https://usync.proper.io/v1/usersync?bidder=mediagrid&proper_uid=b600186d-3119-4576-a6a8-731513ef1b99&uid=4f0ec918-d07b-4f11-8d69-c068976f0959
Date: Tue, 09 Nov 2021 19:23:34 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_65ec45e2_b158c800_7
https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_65ec45e2_b158c800_7&verify=true
https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_65ec45e2_b158c800_7&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0

189 B
426 B

290ms
172ms

Script
text/javascript

35.163.158.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 35.163.158.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-158-84.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ffd131a54e048ba5fe651817fa29bd0b03bfd7db1432ed496e4a0549253f46a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:35 GMT
server: nginx/1.18.0
content-length: 189
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0
date: Tue, 09 Nov 2021 19:23:34 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_e2d9dbe0_cd090a93_8
https://pixel.advertising.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_e2d9dbe0_cd090a93_8&verify=true
https://ups.analytics.yahoo.com/ups/58316/sync?redir=true&gdpr=false&us_privacy=1---&callback=window.proper_e2d9dbe0_cd090a93_8&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0
https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0

189 B
426 B

291ms
172ms

Script
text/javascript

35.163.158.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 35.163.158.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-158-84.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: ffd131a54e048ba5fe651817fa29bd0b03bfd7db1432ed496e4a0549253f46a3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:35 GMT
server: nginx/1.18.0
content-length: 189
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=aol_instream_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0
date: Tue, 09 Nov 2021 19:23:34 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2

200

usersync Show response
usync.proper.io/v1/
Redirect Chain

https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_f10829ff_e6add75b_9
https://ups.analytics.yahoo.com/ups/58355/sync?redir=true&callback=window.proper_f10829ff_e6add75b_9&verify=true
https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A

151 B
360 B

463ms
171ms

Script
text/javascript

35.163.158.84
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 35.163.158.84 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-163-158-84.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: a8a794fedfd3b5845161997889a8e949d7a77ec02521084896d9c11f0be7e151

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:35 GMT
server: nginx/1.18.0
content-length: 151
content-type: text/javascript

Redirect headers

location: https://usync.proper.io/v1/usersync?bidder=verizon_media_s2s&uid=y-whctHgBE2uFNYB09mUdLYolZhbbGDnVl~A
date: Tue, 09 Nov 2021 19:23:34 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1 204
No Content merge Show response
ce.lijit.com/ 0
348 B 13ms
13ms Script
text/plain 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=263069&3pid=b600186d-3119-4576-a6a8-731513ef1b99&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_instream%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%5BSOVRNID%5D&gdpr=false&us_privacy=1---&callback=window.proper_4f0c9be0_8c3a28e5_10
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:34 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H/1.1 204
No Content merge Show response
ce.lijit.com/ 0
348 B 15ms
14ms Script
text/plain 216.52.2.48
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://ce.lijit.com/merge?pid=263069&3pid=b600186d-3119-4576-a6a8-731513ef1b99&location=https%3A%2F%2Fusync.proper.io%2Fv1%2Fusersync%3Fbidder%3Dsovrn_outstream%26proper_uid%3Db600186d-3119-4576-a6a8-731513ef1b99%26uid%3D%5BSOVRNID%5D&gdpr=false&us_privacy=1---&callback=window.proper_ba848b2d_b72272bd_11
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.48 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: nginx / raptor
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:34 GMT
X-MERGE: GDPR Optout true
Server: nginx
X-Powered-By: raptor
P3P: CP="CUR ADM OUR NOR STA NID"
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod: ad_ap5ams1
Expires: Fri, 20 Mar 2009 00:00:00 GMT

GET
H2 200 launcher-stub.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 10 KB
4 KB 47ms
14ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 6b2b5b05933a00a9e1beb6e53fba22bf77feaa3c203e361d637985750fec4bab

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "2988-5b94848b276f9-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 3813
expires: Tue, 09 Nov 2021 19:38:34 GMT

GET
H2 200 ats.js Show response
ats.rlcdn.com/ 185 KB
61 KB 67ms
10ms Script
application/x-javascript 143.204.98.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ats.rlcdn.com/ats.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.71 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-71.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cceefd476057bb3f36703d027ec405887d25d05311d491b9a203d4c60a2d75fb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: sCfIJpeEYSsr1Erp9JPQ5XALijjlTltt
content-encoding: gzip
etag: W/"a8f24de78b4dc3ecbbff83b08aa9e411"
age: 64772
x-amz-server-side-encryption: AES256
x-amz-meta-codebuild-buildarn: arn:aws:codebuild:eu-west-1:469675294282:build/ATSLibrary-prod:6a2bb6c4-0bf5-4773-8a36-cefcec4742e6
x-cache: Hit from cloudfront
x-amz-meta-codebuild-content-md5: 014263e4dda4020061af64b081a8e627
last-modified: Fri, 05 Nov 2021 09:22:31 GMT
server: AmazonS3
date: Tue, 09 Nov 2021 01:24:03 GMT
vary: Accept-Encoding
x-amz-meta-codebuild-content-sha256: 4ad1795a3ae6c6b7b8c516c7d218d3ef7f69c9d8f4459e5652ddcd4b5ef110bd
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
content-type: application/x-javascript
x-amz-cf-id: QfC-9sQuvS1gULL1T0N7BIzb7U6R-rNRStTNHepfHtM6IrBoz9jU_A==

POST
H/1.1 200 445.json Show response
id5-sync.com/g/v2/ 213 B
531 B 98ms
23ms XHR
application/json 51.195.5.231
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/445.json

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

51.195.5.231 , France, ASN16276 (OVH, FR),

Reverse DNS

p35.id5-sync.com

Software

Resource Hash

b726dc4d8a084aecdbc291f51f86efc9588ecc2b2d19ff7e1ef578fdb3e43625

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.salon.com
Date: Tue, 09 Nov 2021 19:23:26 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 204 id Show response
id.sharedid.org/ 0
213 B 500ms
159ms XHR
text/plain 52.42.52.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://id.sharedid.org/id
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.42.52.156 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-42-52-156.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.salon.com
pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: no-cache,no-store,must-revalidate
access-control-allow-credentials: true
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
expires: 0

GET
H2 200 f Show response
fid.agkn.com/ 151 B
684 B 537ms
163ms XHR
application/javascript 34.208.145.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fid.agkn.com/f?apiKey=2361619832&r=https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.208.145.43 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-208-145-43.us-west-2.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 9c55edd4a6a9e777ee753ddeb8d22638c355e88f69bb3c3c4dd0959e38777e7b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
server: AAWebServer
vary: Origin
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: application/javascript;charset=iso-8859-1
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
content-length: 151
expires: 0

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 668ms
161ms XHR
application/octet-stream 34.210.253.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Nov 2021 19:23:35 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 184 B
387 B 183ms
106ms XHR
application/json 35.158.190.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.190.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-190-179.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 40f864f0bc5503d5abeb0daca58c2c7547695ba5f7a82f5ec6dbb0219341c3d3

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 174
expires: 0

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
318 B 131ms
98ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 1a4d924d2aff203acc8a67e7cfeb24e2d62f39380e31ec3189b1dfb080e7f6f0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 204 mvo Show response
tag.1rx.io/rmp/79404/0/ 0
169 B 74ms
40ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/79404/0/mvo?z=1r&hbv=5.18,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 204
No Content 266845 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 106ms
40ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/266845
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 19:23:34 GMT
X-SpotX-Timing-Transform: 0.000631
X-SpotX-Timing-SpotMarket: 0.010142
X-SpotX-Timing-Page-Mux: 0.000414
X-SpotX-Timing-Page-Require: 0.000576
X-fe: 074
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000039
X-SpotX-Timing-Page: 0.020450
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000424
Last-Modified: Tue, 09 Nov 2021 19:23:34 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.010142
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.salon.com
X-SpotX-Timing-Page-Misc: 0.008206
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000017
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 136 B
813 B 53ms
24ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

ee67606e6d879b7748b250c54de649d2bdf7bc29a5a2787305796f40fa11563a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:34 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ee7e709e-a831-4c56-a1ea-f484d4deb6ce
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.salon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 136
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 204
No Content bid.json Show response
reachms.bfmio.com/ 0
338 B 675ms
333ms XHR
application/json 52.44.23.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=50ca0ab3-beba-49da-fdbd-e88d655c87f6
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.23.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-23-52.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.salon.com
Access-Control-Expose-Headers: location
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=ISO-8859-1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 167ms
118ms XHR
application/json 3.66.59.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Proper
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.59.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-59-71.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 204 hb Show response
hb.undertone.com/ 0
687 B 147ms
102ms XHR
text/plain 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3520&domain=salon.com&gdpr=0&gdprstr=&ccpa=1---
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-91.fra50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.salon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: hWRBgzZ05DwEtQGiMhWDbnPZ2oYqrhkvbSZl8XmEJoGsZtPvPs99uQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
115 B 81ms
30ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:33 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 46 B
393 B 81ms
51ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=683179&v=8.1&ac=j&sd=1&r=%7B%22id%22%3A%2229585105-0778-4134-a475-5fc97a682100%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221-WAe4I%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%221-WAe4I%22%2C%22siteID%22%3A%22683179%22%7D%2C%22video%22%3A%7B%22placement%22%3A1%2C%22topframe%22%3A1%2C%22skip%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A10%2C%22maxduration%22%3A30%2C%22playbackmethod%22%3A%5B2%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%2C%22us_privacy%22%3A%221---%22%7D%7D%7D&nf=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 9ae10ad42503bbf832047db6367520f51d1343cbc83911a7af7742bd702101da

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.73], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.salon.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 66
x-ak-client-geo: 12
expires: Tue, 09 Nov 2021 19:23:34 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
158 B 47ms
13ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1636485814549
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

GET
H2 200 avjp Show response
propermedia-d.openx.net/v/1.0/ 106 B
509 B 48ms
21ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=91ae4378-aee3-4b04-9b2f-74374bd22cea&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&nocache=1636485814550&auid=540772256&aumfs=1000&vwd=640&vht=480&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&x_gdpr_f=1&us_privacy=1---&_pubcid=b600186d-3119-4576-a6a8-731513ef1b99
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 google
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.salon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 133 KB
36 KB 55ms
10ms Script
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 973fe12f5130be123a73261e3956030b8a1c380f8cd8234e319b51bda6892898

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: okBBdl4mniljyIhAB_yWlERThSsUPvbQ
content-encoding: gzip
etag: fc2e1be4d234471752ea2ebee7e63d1e
age: 202
x-cache: Hit from cloudfront
server: Server
x-amz-rid: 1C4V3G75WKPG30MMWW2X
date: Tue, 09 Nov 2021 19:20:37 GMT
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
cache-control: public, max-age=900
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-cf-id: NCFl7FHkmlfZum81wWNxPd4Ebsu75AUGRgep5FPIBu1uhHIH-Ub9vw==

GET
H2 200 get_video.php Show response
player.propervideo.io/ajax/ 3 KB
2 KB 37ms
18ms XHR
text/html 2606:4700::6812:9eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.propervideo.io/ajax/get_video.php?id=salon-playlist-salon_featured&site=salon
Requested by: Host: player.propervideo.io
URL: https://player.propervideo.io/new_rtp/main.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.3.23
Resource Hash: d4a7f9b4cd178d5a92d227083abedba1241bd13b2e0a2292ca0b0d00a116430d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
cf-cache-status: HIT
age: 606824
x-powered-by: PHP/7.3.23
last-modified: Tue, 02 Nov 2021 18:49:50 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: PUT, GET, POST
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
x-server-id: 1
cache-control: public, max-age=300
access-control-allow-credentials: true
cf-ray: 6ab96a955cf616ea-FRA
expires: Tue, 09 Nov 2021 19:28:34 GMT

GET
H2 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v27/ 44 KB
44 KB 44ms
16ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v27/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88915cdc03fc5b9a20aec966fe93ee38aa3fd76bfef296e41d305271b3541c96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.salon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 16:21:35 GMT
x-content-type-options: nosniff
age: 442919
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 44656
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 00:30:43 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 16:21:35 GMT

GET
H2 200 flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2
fonts.gstatic.com/s/materialicons/v114/ 114 KB
114 KB 36ms
8ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/materialicons/v114/flUhRq6tzZclQEJ-Vdg-IuiaDsNc.woff2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b819e02fcd718274f1b6ad5e11e5b6330f25f5388b8ceb6213463725e81644af

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.salon.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 00:16:28 GMT
x-content-type-options: nosniff
age: 68826
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116484
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 00:08:13 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 09 Nov 2022 00:16:28 GMT

POST
H2 204 AGSKWxUC8dXXNqGhLCp25C1LxETqmab8xGD8yPhKmOPcDSY3sCA420gxHEEGyz1gVCw-Xx1tQpEJoKkyLnMuwAHPbkrfr6fMxeLFVvLb7qoV4WiMKfRUdZA_U6cYPX3yH1ETkwd6N9dZJUhnJ4bxTjCfUnQtB_PO60iMbv1yVbmM0XdGnVoQ8-3XWkufY9ec Show response
fundingchoicesmessages.google.com/el/ 0
363 B 27ms
27ms XHR
text/html 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/el/AGSKWxUC8dXXNqGhLCp25C1LxETqmab8xGD8yPhKmOPcDSY3sCA420gxHEEGyz1gVCw-Xx1tQpEJoKkyLnMuwAHPbkrfr6fMxeLFVvLb7qoV4WiMKfRUdZA_U6cYPX3yH1ETkwd6N9dZJUhnJ4bxTjCfUnQtB_PO60iMbv1yVbmM0XdGnVoQ8-3XWkufY9ec?dmid=53cb964110ed71cd

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DlnKqSJm562EWT78crXGmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DlnKqSJm562EWT78crXGmA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: ESF
cross-origin-opener-policy: same-origin
x-frame-options: SAMEORIGIN
access-control-max-age: 86400
access-control-allow-methods: POST, GET, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorLoggingHttp/cspreport, script-src 'report-sample' 'nonce-DlnKqSJm562EWT78crXGmA' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorLoggingHttp/cspreport;worker-src 'self', script-src 'nonce-DlnKqSJm562EWT78crXGmA' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorLoggingHttp/cspreport
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 136 B
813 B 15ms
15ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

8d42a351494987857338e348ffc8405b1e2daf4142ab70020f23161247b50879

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:34 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: ebb9df4f-cf4d-436d-9352-8f68123691a6
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.salon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 136
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK bid Show response
ap.lijit.com/rtb/ 115 B
756 B 112ms
72ms XHR
application/json 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/rtb/bid?src=prebid_prebid_5.18.0
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: /
Resource Hash: 8dc38061f6e1712bd805a41b9cd12e8aeff1dd7c5bcb4cceaafdfd29f8cf275b

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 19:23:34 GMT
Content-Encoding: gzip
Vary: Accept-Encoding, User-Agent
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Content-Type: application/json
Access-Control-Allow-Origin: https://www.salon.com
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap4ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 110

POST
H2 200 cdb Show response
bidder.criteo.com/ 18 B
282 B 76ms
24ms XHR
application/json 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=34&wv=5.18.0&cb=4767959391&im=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: ad6aa18e132c373e6a0be7543103d4e5dfde8680587cea250550686591419910

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
server: Finatra
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 44

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 76ms
35ms XHR
text/plain 18.159.151.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=F8MULVWUDAosezLnCD16d3xY&bidId=F8MULVWUDAosezLnCD16d3xY&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.151.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-151-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 58ms
17ms XHR
text/plain 18.159.151.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=PZwN3mqAjDonBQyis5e1EDSB&bidId=PZwN3mqAjDonBQyis5e1EDSB&bidfloor=0.5&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.151.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-151-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 69ms
28ms XHR
text/plain 18.159.151.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=kT4ysUFN4n5metmdia1r2pcG&bidId=kT4ysUFN4n5metmdia1r2pcG&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.151.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-151-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
112 B 65ms
24ms XHR
text/plain 18.159.151.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=DQMnTARGrrM5gxNdN6yAtmtp&bidId=DQMnTARGrrM5gxNdN6yAtmtp&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.151.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-151-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
access-control-allow-credentials: true
vary: Origin

GET
H2 204 v1 Show response
btlr.sharethrough.com/WYu2BXv1/ 0
113 B 57ms
17ms XHR
text/plain 18.159.151.182
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://btlr.sharethrough.com/WYu2BXv1/v1?placement_key=MCAFXkMpXrFWfqqsZK42o9N2&bidId=MCAFXkMpXrFWfqqsZK42o9N2&bidfloor=0.1&consent_required=true&instant_play_capable=true&hbSource=prebid&hbVersion=3.0.0&strVersion=3.2.0&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&us_privacy=1---&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.159.151.182 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-159-151-182.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
access-control-allow-credentials: true
vary: Origin

POST
H/1.1 204
No Content 309517 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 45ms
44ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/309517
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 19:23:34 GMT
X-SpotX-Timing-Transform: 0.000888
X-SpotX-Timing-SpotMarket: 0.009450
X-SpotX-Timing-Page-Mux: 0.000301
X-SpotX-Timing-Page-Require: 0.000438
X-fe: 038
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000040
X-SpotX-Timing-Page: 0.021460
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000647
Last-Modified: Tue, 09 Nov 2021 19:23:34 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.009450
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.salon.com
X-SpotX-Timing-Page-Misc: 0.009669
X-SpotX-Timing-Page-Exception: 0.000002
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000025
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content 309517 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 67ms
32ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/309517
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 19:23:34 GMT
X-SpotX-Timing-Transform: 0.000343
X-SpotX-Timing-SpotMarket: 0.006761
X-SpotX-Timing-Page-Mux: 0.000446
X-SpotX-Timing-Page-Require: 0.001058
X-fe: 100
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000022
X-SpotX-Timing-Page: 0.014477
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000374
Last-Modified: Tue, 09 Nov 2021 19:23:34 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.006761
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.salon.com
X-SpotX-Timing-Page-Misc: 0.005459
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000013
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 33ms
33ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

GET
H/1.1 200
OK trinity.json Show response
apex.go.sonobi.com/ 126 B
763 B 119ms
39ms XHR
application/json 178.162.133.150
LEASEWEB-NL-AMS-0...

General

Check archive.org

Show headers Download Go to

Full URL

https://apex.go.sonobi.com/trinity.json?key_maker=%7B%22c2931ee30b812c461947%22%3A%22c2931ee30b812c461947%7C%7C1%22%2C%221530f87d2c6bba4799a7%22%3A%221530f87d2c6bba4799a7%7C%7C1%22%7D&ref=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&s=17c651ab-4168-42f7-aed7-3bd764686617&pv=4166e0d1-8133-451d-86a5-1301b8332c5e&vp=desktop&lib_name=prebid&lib_v=5.18.0&us=1&ius=1&userid=%7B%22pubcid%22%3A%22b600186d-3119-4576-a6a8-731513ef1b99%22%7D&schain=%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D&gdpr=true&us_privacy=1---

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

178.162.133.150 Rotterdam, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),

Reverse DNS

ams-1-apex.go.sonobi.com

Software

sonobi-go /

Resource Hash

0fe763512af3ed5664c6e07e01dae9783dc0dc6a33ce223c7e441161017c8d6f

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:34 GMT
Content-Encoding: gzip
Server: sonobi-go
Vary: negotiate,Accept-Encoding
X-Go-Server: apex-ams-1-6-132
P3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Access-Control-Allow-Origin: https://www.salon.com
Cache-Control: no-cache, no-store, private
Access-Control-Allow-Credentials: true
Tcn: Choice
Content-Type: application/json
Content-Length: 151
X-Xss-Protection: 0
Expires: Sat, 26 Jul 1997 05:00:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
157 B 17ms
17ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1636485814659
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H/1.1 204
No Content bid.json Show response
reachms.bfmio.com/ 0
338 B 437ms
164ms XHR
application/json 52.44.23.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=50ca0ab3-beba-49da-fdbd-e88d655c87f6
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.23.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-23-52.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.salon.com
Access-Control-Expose-Headers: location
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=ISO-8859-1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 avjp Show response
propermedia-d.openx.net/v/1.0/ 106 B
297 B 21ms
19ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=555f0396-a4ab-42c3-8c95-e5324c37a2bf&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&nocache=1636485814660&auid=543888120&aumfs=1000&vwd=640&vht=480&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---&_pubcid=b600186d-3119-4576-a6a8-731513ef1b99
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 google
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.salon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 avjp Show response
propermedia-d.openx.net/v/1.0/ 106 B
297 B 21ms
20ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=d7f0260d-9f2f-4117-9759-2e2b02275aac&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&nocache=1636485814661&auid=544066586&aumfs=1000&vwd=640&vht=480&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&vos=101&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---&_pubcid=b600186d-3119-4576-a6a8-731513ef1b99
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 google
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.salon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 172 B
381 B 9ms
9ms XHR
application/json 35.158.190.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.190.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-190-179.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: f4e887316cffc9f4c8959e5d087c57a193b0a8b6e565c626c035c2f854575452

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 167
expires: 0

GET
H2 200 avjp Show response
propermedia-d.openx.net/v/1.0/ 106 B
297 B 19ms
17ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/v/1.0/avjp?ju=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ch=UTF-8&res=1600x1200x24&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=ea4afaf8-37b6-425f-94c2-51d841b4b608&pubcid=b600186d-3119-4576-a6a8-731513ef1b99&nocache=1636485814664&auid=540772256&aumfs=1000&vwd=640&vht=480&vmimes=video%2Fmp4%2Capplication%2Fjavascript&openrtb=%5Bobject%20Object%5D&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---&_pubcid=b600186d-3119-4576-a6a8-731513ef1b99
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 730fa1f3e8b3c4a223c4e69f4a27e690a4552f96ab97dba05b943dff44967658

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 google
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.salon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 58 B
351 B 233ms
232ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=321166&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%225bacd111-c2ea-4d1a-9ef7-759957038027%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22728x90-1-7tCxq%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-1-7tCxq%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22728x90-2-I6vbA%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22728x90-2-I6vbA%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A728%2C%22h%22%3A90%7D%7D%2C%7B%22id%22%3A%22160x600-1-z0g7n%22%2C%22bidfloor%22%3A0.5%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-1-z0g7n%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22160x600-2-XvLaD%22%2C%22bidfloor%22%3A0.5%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22160x600-2-XvLaD%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A160%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x250-1-NcjLw%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-1-NcjLw%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-2-GEhMP%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-2-GEhMP%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x250-3-M3w2g%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x250-3-M3w2g%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A250%7D%7D%2C%7B%22id%22%3A%22300x600-1-HfaoI%22%2C%22bidfloor%22%3A0.5%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-1-HfaoI%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22300x600-2-w5iqD%22%2C%22bidfloor%22%3A0.5%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22300x600-2-w5iqD%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A300%2C%22h%22%3A600%7D%7D%2C%7B%22id%22%3A%22336x280-1-vIw7B%22%2C%22bidfloor%22%3A0.1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22336x280-1-vIw7B%22%2C%22siteID%22%3A%22321166%22%7D%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22w%22%3A336%2C%22h%22%3A280%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%7D
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: f97bfc510d452bef6921404b8fc3a4e060851632248f8abc955636e1e20e051b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.73], XFF:[]
server: Apache
content-type: application/json
access-control-allow-origin: https://www.salon.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 58
x-ak-client-geo: 12
expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H/1.1 200
OK fastlane.json Show response
fastlane.rubiconproject.com/a/api/ 715 B
4 KB 578ms
264ms XHR
application/json 2602:803:c002:200::113
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to

Full URL: https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=8777&site_id=125272&zone_id=1708990&size_id=2%3B2%3B15%3B15%3B15&alt_size_ids=%3B%3B9%2C10%2C16%3B9%2C10%2C16%3B&rp_floor=0.1&rp_secure=1&tk_flint=pbjs_lite_v3.2.0&x_source.tid=32923743-aea0-42b6-8a41-ec27850f534e%3B53e64ec2-4932-414f-ad29-ecdc3dd615c3%3B64327300-e056-4836-a0ad-c481b8ca88d3%3Ba9f1af6f-0310-42b4-a210-8c4475114a38%3B67fb06f6-0d1a-48b0-82dd-1c7424a05932&p_screen_res=1600x1200&tg_fl.eid=1708990-4%3B1708990-5%3B1708990-1%3B1708990-2%3B1708990-3&rf=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&x_source.pchain=proper.io%3Ae5961d07-eb92-11e9-a488-69e3386c7506&ppuid=b600186d-3119-4576-a6a8-731513ef1b99&eid_pubcid.org=b600186d-3119-4576-a6a8-731513ef1b99%5E1&gdpr=1&us_privacy=1---&rp_schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&slots=5&rand=0.4629762653443299
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 2602:803:c002:200::113 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: eb83270bfdbae3ecac52349a06c1f24ab54fa5a04de2ccedeb7c455cebc4539f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:35 GMT
Server: nginx/1.16.0
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin: https://www.salon.com
Cache-Control: no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json
Content-Length: 715
Expires: Wed, 17 Sep 1975 21:32:10 GMT

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 95ms
95ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: a36de62d85a089cfb42ca029c172a09b276a2ef225b0031afbc31c449bd08ba2

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 46 B
393 B 61ms
60ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=627927&v=8.1&ac=j&sd=1&r=%7B%22id%22%3A%229f4b1ffc-e7b1-434f-84de-938e978ae98d%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22desktop-1-aLkgk%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22desktop-1-aLkgk%22%2C%22siteID%22%3A%22627927%22%7D%2C%22video%22%3A%7B%22placement%22%3A4%2C%22topframe%22%3A1%2C%22skip%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A10%2C%22maxduration%22%3A30%2C%22playbackmethod%22%3A%5B2%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%2C%7B%22id%22%3A%22desktop-2-uTL51%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%22desktop-2-uTL51%22%2C%22siteID%22%3A%22627927%22%7D%2C%22video%22%3A%7B%22placement%22%3A4%2C%22topframe%22%3A1%2C%22skip%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A10%2C%22maxduration%22%3A30%2C%22playbackmethod%22%3A%5B2%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%7D&nf=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 1d6a8e7223762258c3b770fbcf675e331634b61d113cc2615114404b4ad763d6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.73], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.salon.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 66
x-ak-client-geo: 12
expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H3 200 arj Show response
propermedia-d.openx.net/w/1.0/ 189 B
198 B 24ms
23ms XHR
application/json 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://propermedia-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ch=UTF-8&res=1600x1200x24&ifr=true&tws=1600x1200&aus=728x90%2C300x250%2C336x280%7C160x600%2C300x250%2C300x600%7C160x600%2C300x250%2C300x600&auid=540459428%2C540459445%2C540459446&aumfs=100%2C100%2C100&dddid=d3ac8ca8-addc-45d9-8777-ea71d45c6c72%2Cc5ac8f85-0d0a-4578-b312-afce445fd4e9%2C9ab07958-b773-4e9f-85cc-6c606dccd55b&divIds=openx-6383eded-4a83-4ab3-b21e-e4c9e887fbfc%2Copenx-4b36abd9-2b22-4099-9dbe-aded4928ca72%2Copenx-d013b1ab-edd9-448e-8e41-afce7a6f8083&be=1&bc=hb_pb_3.0.1&nocache=1636485814670&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1&gdpr=1&x_gdpr_f=1&us_privacy=1---&_pubcid=b600186d-3119-4576-a6a8-731513ef1b99
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 3f0fd62c4597a1517fcaf0a1045f97afbd51035b470e0b09f72a68e7baa243eb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://www.salon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 175
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 204
No Content 266845 Show response
search.spotxchange.com/openrtb/2.3/dados/ 0
1 KB 75ms
45ms XHR
application/json 185.94.180.123
SPOTX-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://search.spotxchange.com/openrtb/2.3/dados/266845
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 185.94.180.123 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 19:23:34 GMT
X-SpotX-Timing-Transform: 0.000348
X-SpotX-Timing-SpotMarket: 0.008943
X-SpotX-Timing-Page-Mux: 0.000498
X-SpotX-Timing-Page-Require: 0.000485
X-fe: 115
Connection: keep-alive
X-SpotX-Timing-Page-Cookie: 0.000031
X-SpotX-Timing-Page: 0.015244
Pragma: no-cache
X-SpotX-Timing-Page-Context: 0.000468
Last-Modified: Tue, 09 Nov 2021 19:23:34 GMT
Server: nginx
Cache-Control: no-cache, must-revalidate, post-check=0, pre-check=0
X-SpotX-Timing-SpotMarket-Primary: 0.008943
Access-Control-Allow-Methods: POST, GET, PATCH, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.salon.com
X-SpotX-Timing-Page-Misc: 0.004442
X-SpotX-Timing-Page-Exception: 0.000001
X-SpotX-Timing-SpotMarket-Secondary: 0.000000
X-SpotX-Timing-Page-URI: 0.000028
Access-Control-Allow-Credentials: true
Access-Control-Allow-Headers
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 17ms
13ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:32 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 bid-request Show response
a.teads.tv/hb/ 16 B
247 B 111ms
55ms XHR
application/json 2.18.232.7
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://a.teads.tv/hb/bid-request
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.232.7 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-7.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 6a7b0c8bf87b2bd5ca31557f25cf2a6c80f93af72bf68a6085e9b55a87fe908c

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.salon.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 42
expires: Tue, 09 Nov 2021 19:23:34 GMT

POST
H2 204 hb Show response
hb.undertone.com/ 0
448 B 280ms
276ms XHR
text/plain 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3520&domain=salon.com&gdpr=1&gdprstr=&ccpa=1---
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-91.fra50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.salon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 1
x-amz-cf-id: 8LvbiRnLhlqysvPArVbj0_CR23Dq8xXdqQ1rGQTII92FyYLggiiStA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
564 B 171ms
83ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b9%3b103
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.salon.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
564 B 197ms
110ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b26%3b96
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.salon.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 211ms
124ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b9%3b99
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.salon.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H/1.1 200
OK v1 Show response
prg.smartadserver.com/prebid/ 171 B
563 B 158ms
72ms XHR
application/json 185.86.138.122
SMARTADSERVER

General

Check archive.org

Show headers Download Go to

Full URL: https://prg.smartadserver.com/prebid/v1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 185.86.138.122 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software: /
Resource Hash: 966ae054fb01b6518dd949476622ad377803b83ff8f0bc5bfd6fecfb91930068

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: br
vary: Accept-Encoding
x-smrt-d: 4%3b5%3b90
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
access-control-allow-origin: https://www.salon.com
cache-control: no-cache,no-store
access-control-allow-credentials: true
content-type: application/json; charset=UTF-8
transfer-encoding: chunked

POST
H2 204 mvo Show response
tag.1rx.io/rmp/79404/0/ 0
169 B 25ms
23ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/79404/0/mvo?z=1r&hbv=5.18,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 244 B
921 B 108ms
107ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

ec2-18-192-222-132.eu-central-1.compute.amazonaws.com

Software

nginx/1.17.9 /

Resource Hash

6677d19814b8b7456bfa7e6cc449868838dd958f8fc062f1b957ec403ebb2107

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:34 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 3a98f644-f074-4bf6-a51e-6f71aa701f1e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://www.salon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 244
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 46 B
393 B 27ms
25ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=683179&v=8.1&ac=j&sd=1&r=%7B%22id%22%3A%222b8acc29-f7a7-4678-950a-78bd5e51dbc8%22%2C%22site%22%3A%7B%22ref%22%3A%22%22%2C%22page%22%3A%22https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A0%2C%22msi%22%3A0%2C%22sn%22%3A0%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%221-p2R7j%22%2C%22bidfloor%22%3A1%2C%22bidfloorcur%22%3A%22USD%22%2C%22ext%22%3A%7B%22sid%22%3A%221-p2R7j%22%2C%22siteID%22%3A%22683179%22%7D%2C%22video%22%3A%7B%22placement%22%3A1%2C%22topframe%22%3A1%2C%22skip%22%3A1%2C%22linearity%22%3A1%2C%22minduration%22%3A10%2C%22maxduration%22%3A30%2C%22playbackmethod%22%3A%5B2%5D%2C%22api%22%3A%5B1%2C2%5D%2C%22mimes%22%3A%5B%22video%2Fmp4%22%2C%22application%2Fjavascript%22%5D%2C%22protocols%22%3A%5B2%2C3%2C5%2C6%5D%2C%22w%22%3A640%2C%22h%22%3A480%7D%7D%5D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22nodes%22%3A%5B%7B%22hp%22%3A1%2C%22asi%22%3A%22proper.io%22%2C%22sid%22%3A%22e5961d07-eb92-11e9-a488-69e3386c7506%22%7D%5D%2C%22complete%22%3A1%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A1%2C%22us_privacy%22%3A%221---%22%7D%7D%7D&nf=1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 37f8f58e4086d771421d3df63263e77090d240fe777f662709f7822e21b846f6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[DE], RC:[HE], CN:[EU], CIP:[91.199.118.73], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.salon.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 66
x-ak-client-geo: 12
expires: Tue, 09 Nov 2021 19:23:34 GMT

POST
H2 200 v1 Show response
hb-api.omnitagjs.com/hb-api/prebid/ 392 B
741 B 133ms
87ms XHR
application/json 185.255.84.151
IGUANE-

General

Check archive.org

Show headers Download Go to

Full URL

https://hb-api.omnitagjs.com/hb-api/prebid/v1?CanonicalUrl=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

185.255.84.151 Paris, France, ASN200271 (IGUANE-, FR),

Reverse DNS

Software

ayl-lb-fra02 /

Resource Hash

faf6f2cd7d206199e85a47e27192005a13b194fdb62602f17d475dd055702af7

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
x-content-type-options: nosniff
server: ayl-lb-fra02
vary: Accept-Encoding
access-control-allow-methods: OPTIONS, POST
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-max-age: 3600
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 69
access-control-allow-headers: Accept-Encoding, Content-Type
content-length: 392
expires: 0

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
59 B 16ms
16ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 auction Show response
tlx.3lift.com/header/ 19 B
263 B 118ms
83ms XHR
application/json 18.192.222.132
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://tlx.3lift.com/header/auction?lib=prebid&v=5.18.0&referrer=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&tmax=1200&gdpr=true&us_privacy=1---

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.192.222.132 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 19
x-xss-protection: 0
expires: Thu, 15 Oct 1992 20:10:00 GMT

POST
H2 204 / Show response
hb.emxdgt.com/ 0
157 B 22ms
17ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1636485814686
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 204 hb Show response
hb.undertone.com/ 0
449 B 377ms
373ms XHR
text/plain 143.204.98.91
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.undertone.com/hb?pid=3520&domain=salon.com&gdpr=1&gdprstr=&ccpa=1---
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.91 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-91.fra50.r.cloudfront.net
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 bab8148a65b29113f79cf2725076287d.cloudfront.net (CloudFront)
server: istio-envoy
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSDo OUR BUS UNI COM NAV"
access-control-allow-origin: https://www.salon.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
x-envoy-upstream-service-time: 4
x-amz-cf-id: RUySH_XGzoqGx0c-uY195nJB3qyEys-CTGMro9P_pvRXhFwSClbbFA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 200 auction Show response
prebid-server.rubiconproject.com/openrtb2/ 172 B
381 B 11ms
6ms XHR
application/json 35.158.190.179
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid-server.rubiconproject.com/openrtb2/auction
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.190.179 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-190-179.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 0982315c304b244bbe8ec6bead480055127b5110c981c390905cbe9268b16ca4

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
content-type: application/json
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-length: 168
expires: 0

POST
H2 200 prebid Show response
bids.concert.io/bids/ 22 B
407 B 387ms
346ms XHR
application/json 34.117.126.186
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.concert.io/bids/prebid
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.117.126.186 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 186.126.117.34.bc.googleusercontent.com
Software: Google Frontend / Express
Resource Hash: 55aabd4f133660977420281f291a1ed0c58714a47679738bdaad2e8d59c31004

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
via: 1.1 google
x-lat-long: 47.409858,10.279745
x-powered-by: Express
x-region: DE
x-city: Oberstdorf
alt-svc: clear
content-length: 22
x-response-time: 240.990ms
server: Google Frontend
etag: W/"16-6cDG702lpKxhI09DG03JuPCfUBY"
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
x-cloud-trace-context: db615b8b34e6b0d35974074a5781eefe/12590217661644974432;o=1
access-control-allow-credentials: true
x-region-subdivision: DEBY

POST
H2 204 / Show response
hb.emxdgt.com/ 0
157 B 55ms
50ms XHR
text/plain 35.158.25.241
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://hb.emxdgt.com/?t=1000&ts=1636485814691
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.158.25.241 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-158-25-241.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: no-cache
access-control-allow-credentials: true
access-control-allow-headers: security, Content-Type

POST
H2 200 24 Show response
web.hb.ad.cpe.dotomi.com/s2s/header/ 427 B
611 B 100ms
13ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://web.hb.ad.cpe.dotomi.com/s2s/header/24
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 6dafadcf89e4070161ff8a214c93049a36f95c8648e6e71bb3b51ce1a659c726

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
server: nginx
content-type: application/json
access-control-allow-origin: https://www.salon.com
cache-control: no-cache
access-control-allow-credentials: true
content-length: 427
expires: 0

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 573 B
988 B 265ms
233ms XHR
application/json 185.33.220.244
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.244 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

e870fff4b319c31cc0cf7b017fd1458920e9b1afaee2b91d9bb4c207545a9ed6

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 09 Nov 2021 19:23:34 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 837db8b4-2fca-4bc8-bf5f-a41fc213c76d
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.salon.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 mvo Show response
tag.1rx.io/rmp/233731/0/ 0
169 B 19ms
17ms XHR
text/plain 213.19.147.42
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/233731/0/mvo?z=1r&hbv=5.18,2.1
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.42 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
880 B 96ms
66ms XHR
application/json 34.107.148.139
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUW4K2MG
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.148.139 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 139.148.107.34.bc.googleusercontent.com
Software: nginx /
Resource Hash: 89cf983796f22f86669422f39f833cdcca276e3b84fcdecd8079555dc7fb1710

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
server: nginx
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.salon.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H/1.1 204
No Content bid.json Show response
reachms.bfmio.com/ 0
338 B 463ms
179ms XHR
application/json 52.44.23.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=82600717-3c4e-4756-beb4-c7eeb90a81a5
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.23.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-23-52.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.salon.com
Access-Control-Expose-Headers: location
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=ISO-8859-1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content bid.json Show response
reachms.bfmio.com/ 0
338 B 550ms
267ms XHR
application/json 52.44.23.52
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://reachms.bfmio.com/bid.json?exchange_id=82600717-3c4e-4756-beb4-c7eeb90a81a5
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.23.52 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-23-52.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: https://www.salon.com
Access-Control-Expose-Headers: location
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json;charset=ISO-8859-1
Expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 204
No Content openrtb Show response
ads.adaptv.advertising.com/rtb/ 0
214 B 61ms
60ms XHR
application/json 3.66.59.71
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.adaptv.advertising.com/rtb/openrtb?ext_id=Proper
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.66.59.71 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-66-59-71.eu-central-1.compute.amazonaws.com
Software: adaptv/1.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
server: adaptv/1.0
Connection: keep-alive
content-length: 0
content-type: application/json

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 100ms
99ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: a4bcf1c3e5858164464538c73037a3a1d021357b33eec4718780f487cb751293

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 104ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: c4c766fb1e3ce85dea6699f3eecd437cccca99671cf2c669db9feab007758bf0

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 103ms
100ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 853c31e2c0cbcfd6309595f7463ced2558ee66f05ed54ed3d5f457e875e758dc

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 105ms
101ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: a552fa250ccc0157fc8bf169ea0a06f72bfbc062585715a6229645bd15e64835

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

POST
H2 200 hb Show response
ssc.33across.com/api/v1/ 87 B
179 B 104ms
101ms XHR
application/json 34.149.20.76
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ssc.33across.com/api/v1/hb
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.149.20.76 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 76.20.149.34.bc.googleusercontent.com
Software: / 33Across
Resource Hash: 6fb5601671e4e1f20a1306bc3125f005575c7cea1dae25524e1dfe08440c862f

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
status: 200 OK
x-powered-by: 33Across
vary: Accept-Encoding, Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
alt-svc: clear
via: 1.1 google

GET
H2 200 ima3.js Show response
imasdk.googleapis.com/js/sdkloader/ 368 KB
123 KB 61ms
17ms Script
text/javascript 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/sdkloader/ima3.js

Requested by

Host: player.propervideo.io
URL: https://player.propervideo.io/new_rtp/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

013642abc6eb7dace2707aec3f8dae8d884cc284951ace55bb737bfde43f687a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125099
x-xss-protection: 0
expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H2 200 rkh57f.jpg
mediaproxy.propervideo.io/width/600/https://d2um6xmmztr4fp.cloudfront.net/propervideo/images/hd/ 27 KB
27 KB 56ms
34ms Image
image/webp 2606:4700::6812:9eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mediaproxy.propervideo.io/width/600/https://d2um6xmmztr4fp.cloudfront.net/propervideo/images/hd/rkh57f.jpg
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c1f3729b69bedaf354fa0b7596337ddd014ff9773ee71851cef51205687acb4

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
cf-cache-status: HIT
age: 507899
cf-polished: qual=85, origFmt=jpeg, origSize=31855
content-disposition: inline; filename="rkh57f.webp"
content-length: 27318
x-response-time: 53ms
last-modified: Wed, 03 Nov 2021 22:18:35 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
expires: Wed, 09 Nov 2022 19:23:34 GMT
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 6ab96a96990e7031-FRA
cf-bgj: imgq:85,h2pri

POST
H2 404 save_social_counts.php Show response
www.salon.com/ajax/ 548 B
400 B 371ms
371ms XHR
text/html 2600:9000:2156:d200:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/ajax/save_social_counts.php?type=update_token
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d200:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
content-encoding: br
content-length: 131
x-amz-cf-id: fNXemmVPj3Sq_flN79woKsWnD9xA8NdsZ5IBg9sinJgEQ6xAdoTWYw==

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 9768 32 KB
10 KB 10ms
9ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1fa85f987b16ca14dd669bcd177e3b50deaef5e2a05ad97dfb152322ddf92604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=8777&endpoint=us-west
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:34 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:14 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45727
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Wed, 10 Nov 2021 08:05:41 GMT

POST
H2 404 save_social_counts.php Show response
www.salon.com/ajax/ 548 B
399 B 375ms
374ms XHR
text/html 2600:9000:2156:d200:1a:b9b9:50c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.salon.com/ajax/save_social_counts.php?type=track_counts
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:d200:1a:b9b9:50c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: d465172175d35d493fb1633e237700022bd849fa123164790b168b8318acb090

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
via: 1.1 cdb2dba3874dd4d7b53213b8c63a0997.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA50-C1
vary: Accept-Encoding
x-cache: Error from cloudfront
content-type: text/html
content-encoding: br
content-length: 131
x-amz-cf-id: pc3b1WnzWb_lnPO1GeDc5j7pSKvCgwbsuNrsuA-wJAF-xcB5lYUypg==

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 37 KB
15 KB 53ms
21ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-657872957

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

7a8dda4e618a771bd10b0486e0de1325086e385b1ccc437f740d150cbdbf1392

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14366
x-xss-protection: 0
server: cafe
etag: 17146940108124342434
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H2 200 haloid Show response
aufp.io/api/v1/ 6 KB
3 KB 512ms
164ms Script
application/javascript 54.187.25.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://aufp.io/api/v1/haloid
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.187.25.111 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-187-25-111.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 85e50082d7ce113bfa87dbade18dbf747d1bacfcffdbd628296dcffa98a08f94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
last-modified: Fri, 29 Oct 2021 04:16:12 GMT
server: nginx/1.18.0
etag: W/"1635480972.0-6132-2958560116"
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/javascript
access-control-allow-origin: *, *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
cache-control: public, max-age=43200
origin-trial: A/KTxPuSXtwcggydvUxw5B4dXspsb2iweedc7KDi2xv9M89MtnOpULTs7DQJVHBxGDV5wj5a3LW9S4ev3WfQkwIAAAB+eyJvcmlnaW4iOiJodHRwczovL2hhbG9mbG9jLmNvbTo0NDMiLCJmZWF0dXJlIjoiSW50ZXJlc3RDb2hvcnRBUEkiLCJleHBpcnkiOjE2MjYyMjA3OTksImlzU3ViZG9tYWluIjp0cnVlLCJpc1RoaXJkUGFydHkiOnRydWV9
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
expires: Wed, 10 Nov 2021 07:23:35 GMT

GET
H2 200 317 Show response
p.ad.gt/api/v1/p/ 25 KB
8 KB 512ms
166ms Script
text/html 54.149.90.128
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://p.ad.gt/api/v1/p/317
Requested by: Host: a.ad.gt
URL: https://a.ad.gt/api/v1/u/matches/317?url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&ref=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.149.90.128 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-149-90-128.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: 3809a6684f846affe0fe66e55bd75a099b9d0df6ad5f16019cd38729269db633

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
server: nginx/1.18.0
access-control-allow-methods: GET, POST, OPTIONS
content-type: text/html; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2

200

match
ids.ad.gt/api/v1/
Redirect Chain

https://secure.adnxs.com/getuid?https://ids.ad.gt/api/v1/match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&adnxs_id=$UID
https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmatch%3Fid%3D5b5141db-51fc-46f9-b723-56a1932fcc69%26adnxs_id%3D%24UID
https://ids.ad.gt/api/v1/match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&adnxs_id=3132108011176313798

43 B
566 B

512ms
177ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&adnxs_id=3132108011176313798
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 07:23:35 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:35 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: c5cd1b10-66ca-48c3-8c04-a45f7db6295f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ids.ad.gt/api/v1/match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&adnxs_id=3132108011176313798
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

t_match
ids.ad.gt/api/v1/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=5b5141db-51fc-46f9-b723-56a1932fcc69
https://match.adsrvr.org/track/cmb/generic?ttd_pid=8gkxb6n&ttd_tpi=1&gpdr=0&ttd_puid=5b5141db-51fc-46f9-b723-56a1932fcc69
https://ids.ad.gt/api/v1/t_match?tdid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&id=5b5141db-51fc-46f9-b723-56a1932fcc69

43 B
571 B

192ms
187ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/t_match?tdid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&id=5b5141db-51fc-46f9-b723-56a1932fcc69
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 07:23:35 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ids.ad.gt/api/v1/t_match?tdid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&id=5b5141db-51fc-46f9-b723-56a1932fcc69
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 259

GET
H2

200

pbm_match
ids.ad.gt/api/v1/
Redirect Chain

https://image2.pubmatic.com/AdServer/UCookieSetPug?rd=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fpbm_match%3Fpbm%3D%23PM_USER_ID%26id%3D5b5141db-51fc-46f9-b723-56a1932fcc69
https://ids.ad.gt/api/v1/pbm_match?pbm=43F2F596-E058-42AE-B71D-2E3544852ECC&id=5b5141db-51fc-46f9-b723-56a1932fcc69

43 B
575 B

185ms
178ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/pbm_match?pbm=43F2F596-E058-42AE-B71D-2E3544852ECC&id=5b5141db-51fc-46f9-b723-56a1932fcc69
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 07:23:35 GMT

Redirect headers

location: https://ids.ad.gt/api/v1/pbm_match?pbm=43F2F596-E058-42AE-B71D-2E3544852ECC&id=5b5141db-51fc-46f9-b723-56a1932fcc69
date: Tue, 09 Nov 2021 19:23:35 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

g_match
ids.ad.gt/api/v1/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm&google_sc&google_ula=450542624&id=5b5141db-51fc-46f9-b723-56a1932fcc69
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_cm=&google_sc=&google_ula=450542624&id=5b5141db-51fc-46f9-b723-56a1932fcc69&google_tc=
https://ids.ad.gt/api/v1/g_match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&google_gid=CAESEKLJeOaw25nh2gS_zoC3Rvg&google_cver=1&google_ula=450542624,0

43 B
572 B

178ms
178ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/g_match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&google_gid=CAESEKLJeOaw25nh2gS_zoC3Rvg&google_cver=1&google_ula=450542624,0
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 07:23:35 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ids.ad.gt/api/v1/g_match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&google_gid=CAESEKLJeOaw25nh2gS_zoC3Rvg&google_cver=1&google_ula=450542624,0
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 357
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/
Redirect Chain

https://ids.ad.gt/api/v1/g_hosted?id=5b5141db-51fc-46f9-b723-56a1932fcc69
https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NWI1MTQxZGItNTFmYy00NmY5LWI3MjMtNTZhMTkzMmZjYzY5

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NWI1MTQxZGItNTFmYy00NmY5LWI3MjMtNTZhMTkzMmZjYzY5

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=audigent_w_appnexus_3985&google_hm=NWI1MTQxZGItNTFmYy00NmY5LWI3MjMtNTZhMTkzMmZjYzY5
date: Tue, 09 Nov 2021 19:23:35 GMT
server: nginx/1.18.0
content-length: 473
content-type: text/html; charset=utf-8

GET
H2

200

mediamath_match
ids.ad.gt/api/v1/
Redirect Chain

https://sync.mathtag.com/sync/img?redir=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fmediamath_match%3Fuser_id%3D%5BMM_UUID%5D%26id%3D5b5141db-51fc-46f9-b723-56a1932fcc69
https://ids.ad.gt/api/v1/mediamath_match?user_id=ddce618a-cab6-4000-b5d7-fe9b3940e3ca&id=5b5141db-51fc-46f9-b723-56a1932fcc69

43 B
485 B

186ms
185ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/mediamath_match?user_id=ddce618a-cab6-4000-b5d7-fe9b3940e3ca&id=5b5141db-51fc-46f9-b723-56a1932fcc69
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 07:23:35 GMT

Redirect headers

Date: Tue, 09 Nov 2021 19:23:35 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x12 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ids.ad.gt/api/v1/mediamath_match?user_id=ddce618a-cab6-4000-b5d7-fe9b3940e3ca&id=5b5141db-51fc-46f9-b723-56a1932fcc69
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H2 200 cm
trc.taboola.com/sg/audigent/1/ 43 B
230 B 42ms
17ms Image
image/gif 2a04:4e42:400::300
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://trc.taboola.com/sg/audigent/1/cm?redirect=http%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Ftaboola%3Fpartner_uid%3D%3CTUID%3E%3Fid%3D5b5141db-51fc-46f9-b723-56a1932fcc69
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:4e42:400::300 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx /
Resource Hash: 0d9762a1a60deef8aa093c473ad27c38eed77184d6940e7df06d89d77cbd3e94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-vcl-time-ms: 9
pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
via: 1.1 varnish
server: nginx
x-timer: S1636485816.551489,VS0,VE9
x-served-by: cache-fra19150-FRA
x-cache: MISS
cache-control: no-cache, no-store
accept-ranges: bytes
x-cache-hits: 0

GET
H2

200

ppnt_match
ids.ad.gt/api/v1/
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=562316&ev=1&rurl=https://ids.ad.gt/api/v1/ppnt_match?uid=%%VGUID%%&id=5b5141db-51fc-46f9-b723-56a1932fcc69
https://ids.ad.gt/api/v1/ppnt_match?uid=3iIpfihM87eI&ev=1&pid=562316&id=5b5141db-51fc-46f9-b723-56a1932fcc69

43 B
466 B

179ms
179ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/ppnt_match?uid=3iIpfihM87eI&ev=1&pid=562316&id=5b5141db-51fc-46f9-b723-56a1932fcc69
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 07:23:35 GMT

Redirect headers

strict-transport-security: max-age=15768000
server: Jetty(9.4.14.v20181114)
p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language: de-DE
location: https://ids.ad.gt/api/v1/ppnt_match?uid=3iIpfihM87eI&ev=1&pid=562316&id=5b5141db-51fc-46f9-b723-56a1932fcc69
cache-control: private, max-age=0, no-cache, no-store
cw-server: bh-deployment-857fc6c844-rh55h
expires: -1

GET
H2 200 launcher.min.js Show response
secure.cdn.fastclick.net/js/cnvr-launcher/latest/ 41 KB
15 KB 12ms
12ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher-stub.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: d7cd09b590143e055a2a0bbfa2b87359e72b419db9f29ecdf3e946fc08c74a56

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
content-encoding: gzip
last-modified: Tue, 19 Jan 2021 22:23:11 GMT
server: Apache
etag: "a253-5b94848b276f1-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 14886
expires: Tue, 09 Nov 2021 19:38:34 GMT

GET
H2 200 / Show response
geo.privacymanager.io/ 30 B
592 B 36ms
7ms Fetch
application/json 143.204.98.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://geo.privacymanager.io/
Requested by: Host: ats.rlcdn.com
URL: https://ats.rlcdn.com/ats.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-65.fra50.r.cloudfront.net
Software: /
Resource Hash: e257df7266563e157bb7df93fd09c6d13afb1c9554468b21c7378e09a94d3250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 14:32:41 GMT
via: 1.1 7abd55cee48606340f570b45718202b6.cloudfront.net (CloudFront), 1.1 a394c864b23364262af48fed4e7e9fad.cloudfront.net (CloudFront)
age: 17454
x-amzn-requestid: 050fe11e-c17c-4c25-ad66-960eade0737a
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
content-type: application/json
access-control-allow-origin: *
x-amzn-trace-id: Root=1-618a8689-420cbf492729bd8a7cb4c327;Sampled=0
x-cache: Hit from cloudfront
x-amz-cf-pop: FRA56-P3, FRA50-C1
x-amz-apigw-id: Iin1fFAkDoEF8Bw=
content-length: 30
x-amz-cf-id: EfD2rsQG_w02YNUyneFiEON7jHdY9T4sUd5mOFdecWIBbsKoeDnnug==
access-control-allow-headers: Content-Type,Authorization,X-Amz-Date,X-Api-Key,X-Amz-Security-Token

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 26ms
9ms XHR
application/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-amz-version-id: c91ZTIbLZrDqT0mloV_AD7.LNsTlhW69
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 50891
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 07 Oct 2021 01:02:33 GMT
server: AmazonS3
date: Tue, 09 Nov 2021 05:15:25 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ba77f90aac0ddbc2c4c2c02062fac762.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: WmaKqgssucXh-YEi808HLv3O2gx2t6SaRo0l2Vs5T6Ui8agcFIW41Q==

GET
H2 200 config Show response
c.amazon-adsystem.com/cdn/prod/ 779 B
1 KB 105ms
105ms XHR
application/json 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.95.188 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-95-188.fra50.r.cloudfront.net
Software: Server /
Resource Hash: 835818f0b8155a58255c00668cb2db2d90544cf7f79f344005e3b31992f63294

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:34 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-cache: Miss from cloudfront
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.salon.com
cache-control: max-age=21550, s-maxage=21600
access-control-allow-credentials: true
content-length: 779
x-amz-cf-id: u8kgkp6DPjlTsCoCdrBY_n5JBuallJU_kWsMfLW-LJQYz4bkvSDOBA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
493 B 41ms
41ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: GQSCVFKWJZPKMXCR940E
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: L9djdRFueJWHbzLOn49Z9vEUF6Dr-TfULnIO4hS_gOeEy8l-1TO6rQ==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
492 B 40ms
40ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&pid=VkG92JyPQ5Y3P&cb=1&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22id%22%3A%22Outstream_640x480%22%2C%22mt%22%3A%22v%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A100%7D%2C%7B%22id%22%3A%22Outstream_640x480%22%2C%22mt%22%3A%22v%22%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A100%7D%5D&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A25%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 3R72BWXH27T5M0Z8XN5V
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: 2dOCwWFJEeNqD4EgxtxEh337__5TRSDUyQvjQLj-zok4RF_-n8DOtA==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
490 B 43ms
43ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

5d7c7d25a0da74c0dd466120c3c09bd94cb982fc66ebc4a78675339f37323bf5

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: 3PWXA32CEV97Q1SHB0CG
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: FjS_8qKuptTsj45GbhTnT0Y3lbbANow4-eUUP510VCUuCRysBaee4A==

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
491 B 41ms
41ms XHR
text/javascript 143.204.95.188
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&pid=VkG92JyPQ5Y3P&cb=3&ws=1600x1200&v=7.70.0&t=2000&slots=%5B%7B%22sd%22%3A%22desktop-3%22%2C%22s%22%3A%5B%22728x90%22%2C%22300x250%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-4%22%2C%22s%22%3A%5B%22728x90%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-1%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%2C%7B%22sd%22%3A%22desktop-2%22%2C%22s%22%3A%5B%22160x600%22%2C%22300x250%22%2C%22300x600%22%5D%2C%22fc%22%3A%22USD%22%2C%22fp%22%3A10%7D%5D&schain=1.0%2C1!proper.io%2Ce5961d07-eb92-11e9-a488-69e3386c7506%2C1%2C%2C%2C&pubid=cb3b5777-430d-4622-b7fc-358cfa27d518&gdpre=1&gdprl=%7B%22status%22%3A%22tcfv2-success%22%2C%22cmpTimeout%22%3A25%7D

Requested by

Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

143.204.95.188 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Server /

Resource Hash

1c4777fe3a673a05492e27d08032cc91c23ac5389897c9235b09b8b0f5a74db3

Security Headers

Name	Value
Strict-Transport-Security	max-age=47474747; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
via: 1.1 f7b7cf90592cf6a380fd34cc45e9c4b5.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: FRA50-C1
x-amz-rid: JWERG0W68DNPYG6A3F4V
vary: Accept-Encoding,User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
permissions-policy: interest-cohort=()
strict-transport-security: max-age=47474747; includeSubDomains; preload
timing-allow-origin: *
content-length: 23
x-amz-cf-id: RUiiUeImqbjxZLmjWlfSFab1jbgDm0NZersT8X-BXrIzd3OhplOevg==

GET
H2 200 b-7b120a5-7c9914f0.js Show response
tagan.adlightning.com/properio/ 67 KB
26 KB 8ms
8ms Script
application/javascript 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/properio/b-7b120a5-7c9914f0.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 81c28971df4291e16a540f8c58e2ca8f13aa7f4ee1a02d0b3852919b10902df1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 19 Oct 2021 19:04:38 GMT
content-encoding: gzip
age: 1815537
x-cache: Hit from cloudfront
content-length: 26203
x-amz-meta-git_commit: 7b120a5
last-modified: Wed, 11 Aug 2021 19:11:04 GMT
server: AmazonS3
etag: "bb406d35e3bab5d4e4d328835f3e593e"
x-amz-version-id: De68rAfWXSerlWAoNYx.YB4vxVE8fqqr
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: 50GMZbrDgKBHE6hwzX-rmv1gp7bZG89yYyr_h3F2VUNh0usjY7t34g==

GET
H2 200 bl-f821a95-2107a880.js Show response
tagan.adlightning.com/properio/ 48 KB
17 KB 8ms
8ms Script
application/javascript 143.204.98.119
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tagan.adlightning.com/properio/bl-f821a95-2107a880.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.119 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-119.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: f70568284447621ab14cda7fd8a9be3a1aa16cc726bb9039cae003e830a4db06

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 14:53:55 GMT
content-encoding: gzip
age: 16181
x-cache: Hit from cloudfront
content-length: 16733
x-amz-meta-git_commit: f821a95
last-modified: Tue, 09 Nov 2021 14:37:57 GMT
server: AmazonS3
etag: "30930655b266bff44148e1bca58ae89e"
x-amz-version-id: ZG0nYK6mPKHUAQlBDKxwd9kfKVsmUIXY
via: 1.1 fb8c0300277bd0137c1693d3d64ab550.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/javascript
x-amz-cf-id: KGY-lZuSuYOBo3cloGOjiX8Ux7pJszMTI8k0lShDDpx2DSbHJVKf_g==

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 92e649098eefaf82db65282d7cbb4e65c738aca33c3fc8073a9c770fbcb0623d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/webp

GET
H3 200 pubads_impl_2021110401.js Show response
securepubads.g.doubleclick.net/gpt/ 346 KB
116 KB 38ms
21ms Script
text/javascript 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021110401.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

sffe /

Resource Hash

ecafecffa0db9b7f76734f0bcab9c4646954668aebd3e86dc38cdbe162d3f250

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 119010
x-xss-protection: 0
last-modified: Thu, 04 Nov 2021 08:34:50 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Tue, 09 Nov 2021 19:23:35 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 232 B
158 B 30ms
15ms XHR
application/json 142.250.186.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=www.salon.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f2.1e100.net

Software

cafe /

Resource Hash

4531643d69ebf38bf8a16aa06fb4e60c4f1309b784a421f36ecdebe19998d28b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 133
x-xss-protection: 0
expires: Tue, 09 Nov 2021 19:23:35 GMT

GET
H2 200 bridge3.488.0_en.html Show response
imasdk.googleapis.com/js/core/ Frame 35F2 580 KB
190 KB 308ms
7ms Document
text/html 2a00:1450:4001:80e::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

485dd675dc980f01a4098246606a0cb2408c33437b73ed4236da6a3d248327e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="ads-doubleclick-instream-static"
report-to: {"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-length: 194718
date: Fri, 05 Nov 2021 21:20:07 GMT
expires: Sat, 05 Nov 2022 21:20:07 GMT
last-modified: Fri, 05 Nov 2021 21:15:14 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 338608
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 client.js Show response
s0.2mdn.net/instream/video/ 44 KB
17 KB 45ms
18ms Script
text/javascript 2a00:1450:4001:802::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/instream/video/client.js

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d0bffc7261df1454c5e05475cda7d9e6647318dc6c3936767e1252bfe8849c54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
cache-control: private, max-age=900
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16746
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 09 Nov 2021 19:23:35 GMT

GET
H2 200 id5-api.js Show response
cdn.id5-sync.com/api/1.0/ 35 KB
10 KB 57ms
9ms Script
text/javascript 46.105.202.126
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.id5-sync.com/api/1.0/id5-api.js

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

46.105.202.126 , France, ASN16276 (OVH, FR),

Reverse DNS

Software

Resource Hash

eb6883bc39782219d9eb3868c4e21acbdf949cc1a13bd35fb86bcb447488a977

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: br
x-cacheable: Matched cache
x-cdn-pop-ip: 137.74.120.0/27
date: Tue, 09 Nov 2021 18:30:34 GMT
content-type: text/javascript;charset=utf-8
cache-control: max-age=3600
x-cdn-pop: sbg
content-disposition: attachment;filename="id5-api.js"
accept-ranges: bytes
content-length: 10053
x-request-id: 1028883143

GET
H2 200 launcher Show response
proc.ad.cpe.dotomi.com/cvx/client/direct/ 423 B
628 B 26ms
12ms XHR
application/json 2a02:fa8:8806:16::1460
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to

Full URL: https://proc.ad.cpe.dotomi.com/cvx/client/direct/launcher?version=1.0.8&lid=616
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a02:fa8:8806:16::1460 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: 18c3ad9d69f010a2b28ea73c99136fd5d631996a7cd0a5b11e8e6b1d3c48ff5f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.salon.com
cache-control: max-age=1800
access-control-allow-credentials: true
content-length: 423
expires: Tue, 09 Nov 2021 19:53:35 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/657872957/ 3 KB
2 KB 45ms
22ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/657872957/?random=1636485815181&cv=9&fst=1636485815181&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab80&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&tiba=Pizzagate%2C%20explained%3A%20Everything%20you%20want%20to%20know%20about%20the%20Comet%20Ping%20Pong%20pizzeria%20conspiracy%20theory%20but%20are%20too%20afraid%20to%20search%20for%20on%20Reddit%20%7C%20Salon.com&hn=www.googleadservices.com&us_privacy=1---&async=1&rfmt=3&fmt=4

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d3cfe75d098259f1a36d91a40f9b6665c263bbff45243c7648a2b5ee6193f618

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1211
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 omweb-v1.js Show response
pagead2.googlesyndication.com/omsdk/releases/live/ Frame 0B70 37 KB
13 KB 36ms
11ms Script
text/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/omsdk/releases/live/omweb-v1.js

Requested by

Host: srcdoc
URL: about:srcdoc

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2511b147f3cf95f742758d3e2062eac98f5265a859dc07959eb8a32f0a2f528

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:15:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 494
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/omsdk-team-release-policy
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12861
x-xss-protection: 0
last-modified: Tue, 26 Oct 2021 20:08:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="omsdk-team-release-policy"
vary: Accept-Encoding
report-to: {"group":"omsdk-team-release-policy","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/omsdk-team-release-policy"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 09 Nov 2021 20:15:21 GMT

GET
H2 200 5376056 Show response
fundingchoicesmessages.google.com/i/ 78 KB
28 KB 40ms
39ms Script
application/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fundingchoicesmessages.google.com/i/5376056?ers=3

Requested by

Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

55ce25092f688a1afb91104fc85f70063a058e72423fae5caa1bf1be264edfeb

Security Headers

Name	Value
Content-Security-Policy	require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-e5dZFjwSzhoDJIFr1uNwGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-e5dZFjwSzhoDJIFr1uNwGg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: require-trusted-types-for 'script';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport, script-src 'report-sample' 'nonce-e5dZFjwSzhoDJIFr1uNwGg' 'unsafe-inline';object-src 'none';base-uri 'self';report-uri /_/ContributorServingWebSwitchboardHttp/cspreport;worker-src 'self', script-src 'nonce-e5dZFjwSzhoDJIFr1uNwGg' 'self' https://apis.google.com https://ssl.gstatic.com https://www.google.com https://www.gstatic.com https://www.google-analytics.com;report-uri /_/ContributorServingWebSwitchboardHttp/cspreport
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
cross-origin-opener-policy: same-origin
date: Tue, 09 Nov 2021 19:23:35 GMT
x-frame-options: SAMEORIGIN
content-type: application/javascript; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
cross-origin-resource-policy: cross-origin
vary: Sec-Fetch-Dest, Sec-Fetch-Mode, Sec-Fetch-Site
x-xss-protection: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubcid.min.js Show response
secure.cdn.fastclick.net/js/pubcid/latest/ 53 KB
17 KB 9ms
7ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 17:06:57 GMT
server: Apache
etag: "d398-5c3b75e9ebb41-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 17087
expires: Tue, 09 Nov 2021 19:38:35 GMT

GET
H2 200 coreid.min.js Show response
secure.cdn.fastclick.net/js/cnvr-coreid/latest/ 196 KB
58 KB 11ms
9ms Script
application/javascript 104.111.219.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.cdn.fastclick.net/js/cnvr-coreid/latest/coreid.min.js
Requested by: Host: secure.cdn.fastclick.net
URL: https://secure.cdn.fastclick.net/js/cnvr-launcher/latest/launcher.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.219.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-219-144.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7bcea2a6b05fd4d0aa03bf8cae7c1bcd0719d7acb0d4c30bd675b1b20c11bd00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
last-modified: Thu, 21 Oct 2021 17:07:21 GMT
server: Apache
etag: "30e24-5cedfed84fbab-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=900
accept-ranges: bytes
content-length: 59124
expires: Tue, 09 Nov 2021 19:38:35 GMT

POST
H2 200 s2s Show response
eb.proper.io/ 565 B
1 KB 597ms
585ms XHR
application/json 2606:4700::6811:4f22
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://eb.proper.io/s2s
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:4f22 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bae6ec433fa2f142a1b1d6923ef054b91d0091a2818539886f682f27b74f2b50

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:36 GMT
content-encoding: br
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/json
access-control-allow-origin: https://www.salon.com
cache-control: private, no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-timing: dur:531
cf-ray: 6ab96a9cbc155c38-FRA
expires: -1

GET
H/1.1 204
No Content sync.php
pixel-us-west.rubiconproject.com/exchange/ Frame 9768 0
239 B 706ms
165ms Image
image/gif 8.39.36.142
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-us-west.rubiconproject.com/exchange/sync.php?p=8777&us_privacy=1---
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_CBC
Server: 8.39.36.142 , United States, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 750589468d5634b7e99830971becaf64
Content-Type: image/gif

GET
H2 204 getpixels Show response
pixels.ad.gt/api/v1/ 0
344 B 487ms
159ms Script
text/plain 54.189.240.181
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixels.ad.gt/api/v1/getpixels?tagger_id=463c1c04f97df6052c8b767511c8557d&url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&code=%27none%27
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.189.240.181 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-189-240-181.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:36 GMT
server: nginx/1.18.0
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range
access-control-allow-methods: GET, POST, OPTIONS
access-control-expose-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 35ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: p.ad.gt
URL: https://p.ad.gt/api/v1/p/317

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: 4U4qht1cn4Wco/qiNwk0J0rjww2gQqTeeQemOWtf8NTJYfOs2pvpHShhNhzzr5TCrbqc6qippOXS3Ph6n8RO7g==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 09 Nov 2021 19:23:35 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ecommerce.js Show response
www.google-analytics.com/plugins/ua/ 1 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ecommerce.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e1b84265e633c043720dd0921476c16bc9f75e393e855c9116ca7c3a847b5c7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:01:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1335
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 738
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Nov 2021 20:01:20 GMT

GET
H2 200 ec.js Show response
www.google-analytics.com/plugins/ua/ 3 KB
1 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:808::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/ec.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

058ed961bfe422af7bfc65865f4c08531ec8ace995f8a1ec560a46581cb7712c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:13:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 594
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1306
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Tue, 09 Nov 2021 20:13:41 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/657872957/ 42 B
154 B 32ms
17ms Image
image/gif 2a00:1450:4001:830::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/657872957/?random=1636485815181&cv=9&fst=1636484400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab80&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&tiba=Pizzagate%2C%20explained%3A%20Everything%20you%20want%20to%20know%20about%20the%20Comet%20Ping%20Pong%20pizzeria%20conspiracy%20theory%20but%20are%20too%20afraid%20to%20search%20for%20on%20Reddit%20%7C%20Salon.com&async=1&fmt=3&is_vtc=1&random=2314665542&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/657872957/ 42 B
154 B 29ms
21ms Image
image/gif 2a00:1450:4001:812::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/657872957/?random=1636485815181&cv=9&fst=1636484400000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oab80&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&tiba=Pizzagate%2C%20explained%3A%20Everything%20you%20want%20to%20know%20about%20the%20Comet%20Ping%20Pong%20pizzeria%20conspiracy%20theory%20but%20are%20too%20afraid%20to%20search%20for%20on%20Reddit%20%7C%20Salon.com&async=1&fmt=3&is_vtc=1&random=2314665542&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

openx
ids.ad.gt/api/v1/
Redirect Chain

https://u.openx.net/w/1.0/cm?id=998eaf06-9905-4eae-9e26-9fac75960c53&r=https%3A%2F%2Fids.ad.gt%2Fapi%2Fv1%2Fopenx%3Fopenx_id%3D%7BOPENX_ID%7D%26id%3D0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8...
https://ids.ad.gt/api/v1/openx?openx_id=4cec3e51-1112-457d-af85-afad60b7e760&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1e...

43 B
483 B

179ms
178ms

Image
image/gif

34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/openx?openx_id=4cec3e51-1112-457d-af85-afad60b7e760&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=5b5141db-51fc-46f9-b723-56a1932fcc69
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 07:23:36 GMT

Redirect headers

date: Tue, 09 Nov 2021 19:23:35 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://ids.ad.gt/api/v1/openx?openx_id=4cec3e51-1112-457d-af85-afad60b7e760&id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl&auid=5b5141db-51fc-46f9-b723-56a1932fcc69
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H2 200 halo_match
ids.ad.gt/api/v1/ 43 B
652 B 179ms
175ms Image
image/gif 34.211.237.159
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ids.ad.gt/api/v1/halo_match?id=5b5141db-51fc-46f9-b723-56a1932fcc69&halo_id=0201wslsds07jv2yg08xizqr0bwpa1w0evvljv1k7cm961o8b5po0ntek210qskvk40trr7270wqxik90zq3u2c12pa5j31k0gxf118nmsj90fzd0bt1elzfjf1hl5r1i1kkc2jl
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.211.237.159 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-211-237-159.us-west-2.compute.amazonaws.com
Software: nginx/1.18.0 /
Resource Hash: afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:36 GMT
cache-control: public, max-age=43200
server: nginx/1.18.0
content-type: image/gif
expires: Wed, 10 Nov 2021 07:23:35 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9768
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ddce618a-cab6-4000-b5d7-fe9b3940e3ca&expires=28

0
239 B

63ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ddce618a-cab6-4000-b5d7-fe9b3940e3ca&expires=28
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

Date: Tue, 09 Nov 2021 19:23:35 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x28 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=ddce618a-cab6-4000-b5d7-fe9b3940e3ca&expires=28
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 19:23:34 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9768
Redirect Chain

https://token.rubiconproject.com/token?pid=25470&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTSEVHQlEtMTgtQldVUg==&us_privacy=1---

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTSEVHQlEtMTgtQldVUg==&us_privacy=1---

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZTSEVHQlEtMTgtQldVUg==&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9768
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&us_privacy=1---
https://pr-bh.ybp.yahoo.com/sync/rubicon/iSaVI5IdIMK4ILKiyTfRLcn5EUdSAgOZEtemQ7w0kco?csrc=&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7974841473647372663

0
239 B

9ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7974841473647372663
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

date: Tue, 09 Nov 2021 19:23:36 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=7974841473647372663
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 9768
Redirect Chain

https://token.rubiconproject.com/token?pid=26594&us_privacy=1---
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVSHEGBQ-18-BWUR&sigv=1&esig=2~6cf430ae568a71b68fec4bda637de3285a0bb049&us_privacy=1---

0
615 B

38ms
8ms

Image
text/plain

2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVSHEGBQ-18-BWUR&sigv=1&esig=2~6cf430ae568a71b68fec4bda637de3285a0bb049&us_privacy=1---

Requested by

Protocol

Server

2a00:1288:80:800::7001 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:36 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KVSHEGBQ-18-BWUR&sigv=1&esig=2~6cf430ae568a71b68fec4bda637de3285a0bb049&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 9768 70 B
264 B 33ms
32ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon?us_privacy=1---
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9768
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&us_privacy=1---
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELffI6e9Rr0W-XfWNDZN0qc&google_cver=1

0
239 B

63ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELffI6e9Rr0W-XfWNDZN0qc&google_cver=1
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESELffI6e9Rr0W-XfWNDZN0qc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 9768
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---
https://sync-tm.everesttech.net/ct/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D&us_privacy=1---&_test=YYrKvQADUchvnQAz
https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYrKvQADUchvnQAz&us_privacy=1---&_test=YYrKvQADUchvnQAz

0
239 B

10ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYrKvQADUchvnQAz&us_privacy=1---&_test=YYrKvQADUchvnQAz
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:41 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1636485822.541724,VS0,VE0
x-served-by: cache-fra19171-FRA
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=191940&nid=3778&put=YYrKvQADUchvnQAz&us_privacy=1---&_test=YYrKvQADUchvnQAz
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 9768
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n&us_privacy=1---
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjliYjZkNzIzZTRiZjdmNTI2OGNjNzZmZjM5OWY3YjZjOGU2YTRiZg&us_privacy=1---

170 B
188 B

25ms
24ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjliYjZkNzIzZTRiZjdmNTI2OGNjNzZmZjM5OWY3YjZjOGU2YTRiZg&us_privacy=1---

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:35 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=MjliYjZkNzIzZTRiZjdmNTI2OGNjNzZmZjM5OWY3YjZjOGU2YTRiZg&us_privacy=1---
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 200 1853083501571805 Show response
connect.facebook.net/signals/config/ 307 KB
89 KB 9ms
8ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1853083501571805?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

928c8d6b891ab7979a264be413e52586e56c3eeabebd0f167018471fa53a8a67

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 90548
x-xss-protection: 0
pragma: public
x-fb-debug: k7RO3QB/7r6uBS1w3kk3cH8ZSiGQ0PCdM3aibAkPzuvC0DGtKKIRu4N/reRLTc9mLwvsXQ9ioyJdT3Mwoc6n5g==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Tue, 09 Nov 2021 19:23:36 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
313 B 25ms
9ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1853083501571805&ev=PageView&dl=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&rl=&if=false&ts=1636485816063&cd[partner_id]=317&cd[tagger_id]=463c1c04f97df6052c8b767511c8557d&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1636485816062.1595480576&it=1636485815949&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:36 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 09 Nov 2021 19:23:36 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 4678 0
83 B 8ms
7ms Document
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
Origin: https://www.salon.com
Content-Type: application/x-www-form-urlencoded
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

content-type: text/plain
access-control-allow-origin: https://www.salon.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
date: Tue, 09 Nov 2021 19:23:36 GMT

GET
H2 303 ads Show response
pagead2.googlesyndication.com/gampad/ Frame 35F2 136 B
656 B 41ms
21ms XHR
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/gampad/ads?env=vp&vpa=auto&vpmute=1&gdfp_req=1&unviewed_position_start=1&output=xml_vast4&sz=640x480%7C400x300%7C300x250&description_url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&iu=%2F5376056%2Fsalon_instream_1&nofb=1&cust_params=post_id%3D0%26proper_video_bid%3D1.00&sdkv=h.3.488.0&osd=2&frm=0&vis=1&sdr=1&hl=en&afvsz=200x200%2C250x250%2C300x250%2C336x280%2C450x50%2C468x60%2C480x70&is_amp=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&u_so=l&ctv=0&us_privacy=1---&gdpr=1&gdpr_consent=tcunavailable&sdki=44d&adk=246646510&sdk_apis=2%2C8&sid=A3541D03-9B41-47B3-9F22-BFE73F76919B&nel=0&eid=40819804&url=https%3A%2F%2Fwww.salon.com%2F2016%2F12%2F10%2Fpizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit%2F&dlt=1636485813927&idt=2096&dt=1636485816667&correlator=192487363652750&scor=2862716566964880&ged=ve4_td3_tt1_pd3_la3000_er2431.273.2793.915_vi0.0.1200.1600_vp0_eb16491

Requested by

Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/core/bridge3.488.0_en.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

106b39f48e91ecd4e58145357095e1014ceba98a7b71c81e2a9388a36be77732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://imasdk.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:36 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-creative-id: -2
content-type: text/html; charset=UTF-8
access-control-allow-origin: https://imasdk.googleapis.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 event Show response
events.proper.io/api/ 0
79 B 534ms
160ms XHR
application/octet-stream 35.161.92.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://events.proper.io/api/event
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.161.92.198 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-161-92-198.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:37 GMT
content-length: 0
content-type: application/octet-stream

GET
H2 200 dash.min.js Show response
player.propervideo.io/new_src/libraries/ 594 KB
159 KB 38ms
38ms Script
application/javascript 2606:4700::6812:9eea
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:9eea , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7b705c8f31bac6bb1e49d9c57534c23dfaaca682160dea116d0d235efaabe9ad

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:36 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Fri, 27 Nov 2020 19:43:57 GMT
server: cloudflare
age: 606832
etag: W/"5fc156fd-94800"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=300
cf-ray: 6ab96aa2d9fb7031-FRA
expires: Tue, 09 Nov 2021 19:28:36 GMT

GET
H2 200 rkh57f.mpd Show response
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 2 KB
3 KB 36ms
7ms XHR
application/dash+xml 2600:9000:2156:7c00:14:6f36:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/rkh57f.mpd
Requested by: Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7c00:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e8faf4fbb73f4818e6ada74d10613e7ff46e891d1457e9ab0523bf1cc5429f0f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 04 Sep 2021 07:31:01 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
age: 5745156
x-cache: Hit from cloudfront
content-length: 2525
last-modified: Thu, 04 Feb 2021 01:28:54 GMT
server: AmazonS3
etag: "b75965770776d488b2a10c51065f59cb"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: application/dash+xml
x-amz-cf-id: BYHVaV4_QIK6lwmyywNcQptODQNDqkehIaK6UynjBXMmD3BbtUTEyA==

GET
H2 200 rkh57f_960x540p_dashinit.mp4 Show response
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 741 B
1 KB 9ms
8ms XHR
video/mp4 2600:9000:2156:7c00:14:6f36:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/rkh57f_960x540p_dashinit.mp4
Requested by: Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7c00:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3305ab133c06f411ec29386e7798af861314f1343fc138eb95c8c62dc3dfe23f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 01 Jul 2021 20:39:10 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
age: 11313867
x-cache: Hit from cloudfront
content-length: 741
last-modified: Thu, 04 Feb 2021 01:28:54 GMT
server: AmazonS3
etag: "b2d5535bf82b0c27407d8810d15db85c"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: video/mp4
x-amz-cf-id: lBUyJ7sCJ2ZGsHoVqyDTkA29z4-Z6UW2OZxA6cZQJMdi455z2-_R7g==

GET
H2 200 rkh57f_audio_128kinit.mp4 Show response
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 638 B
1 KB 8ms
8ms XHR
video/mp4 2600:9000:2156:7c00:14:6f36:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/rkh57f_audio_128kinit.mp4
Requested by: Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7c00:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e7d39ee24e0e90f6ee1d137335a5bc0adc2137f30b48f34b1ade12ee4b829c9a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 11 Jun 2021 12:23:10 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
age: 13071627
x-cache: Hit from cloudfront
content-length: 638
last-modified: Thu, 04 Feb 2021 01:28:54 GMT
server: AmazonS3
etag: "6d00db8d563f7a82e5a3704287310981"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: video/mp4
x-amz-cf-id: G4dqFl8KXfe4JUx-K5ozukfiq7lpunfvWRnqvRge-TBWUWQz2yFh1Q==

GET
H2 200 rkh57f_960x540p_dash_000000001.mp4 Show response
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 1 MB
1 MB 12ms
12ms XHR
video/mp4 2600:9000:2156:7c00:14:6f36:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/rkh57f_960x540p_dash_000000001.mp4
Requested by: Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7c00:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b26ac047cd2112ed8e53d25c6475309c048bb1ac8bed1871763f967d970de9ef

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 25 Oct 2021 05:16:10 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
age: 1346847
x-cache: Hit from cloudfront
content-length: 1197144
last-modified: Thu, 04 Feb 2021 01:27:55 GMT
server: AmazonS3
etag: "e258e06cef0f362e0c0ee1fd8c0575d0"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: video/mp4
x-amz-cf-id: fjw4xqWsoDBkbiNzNxLgZAWZhyqIM2rkRiLnCMMf60rwJNykY_z0cQ==

GET
H2 200 rkh57f_audio_128k_000000001.mp4 Show response
d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/ 196 KB
197 KB 11ms
11ms XHR
video/mp4 2600:9000:2156:7c00:14:6f36:d40:21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d2um6xmmztr4fp.cloudfront.net/propervideo/processed-dash/rkh57f_audio_128k_000000001.mp4
Requested by: Host: player.propervideo.io
URL: https://player.propervideo.io/new_src/libraries/dash.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:7c00:14:6f36:d40:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7fc9262ac7e9d995aa655d108cbe552731f14485a1729639e96be24e4d8f4f28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 31 May 2021 18:25:19 GMT
via: 1.1 d55780b776b171387055eca956ae29a9.cloudfront.net (CloudFront)
age: 14000298
x-cache: Hit from cloudfront
content-length: 200640
last-modified: Thu, 04 Feb 2021 01:27:55 GMT
server: AmazonS3
etag: "418aa1e10bd7c97cb602341d5a411a20"
vary: Origin
access-control-allow-methods: GET, POST, HEAD
x-amz-version-id: null
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=31536000
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-type: video/mp4
x-amz-cf-id: BXa69WjAxBG7B7kFgouJ9i2uqrzwKH0r5CZC0PV81I4T9MNLMGM6QQ==

POST
H/1.1 200
OK bidding Show response
bids.proper.io/api/ 0
171 B 163ms
162ms XHR
application/octet-stream 34.210.253.33
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://bids.proper.io/api/bidding
Requested by: Host: global.proper.io
URL: https://global.proper.io/payloads/1.91.0-kargo-page-takeover.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.210.253.33 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-210-253-33.us-west-2.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Access-Control-Allow-Origin: *
Date: Tue, 09 Nov 2021 19:23:37 GMT
Connection: keep-alive
Content-Length: 0
Content-Type: application/octet-stream

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/ib/static/usersync/v3/ Frame 0B97 995 B
875 B 32ms
7ms Document
text/html 2.18.232.130
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.232.130 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-232-130.deploy.static.akamaitechnologies.com
Software: nginx/1.13.10 /
Resource Hash: 8730c26defc411dd8a51f1da47e5ae3804fab6868f7914a26b09d8e0791bbe39

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Last-Modified: Fri, 20 May 2016 02:07:09 GMT
ETag: "573e714d-3e3"
Server: nginx/1.13.10
Access-Control-Allow-Origin: *
Content-Type: text/html
Content-Encoding: gzip
Content-Length: 506
Cache-Control: max-age=31536000
Expires: Wed, 09 Nov 2022 19:23:39 GMT
Date: Tue, 09 Nov 2021 19:23:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame FD80 281 B
554 B 9ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Nov 2021 19:23:39 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0

0
625 B

11ms
11ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0

Requested by

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:39 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0
date: Tue, 09 Nov 2021 19:23:39 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 %7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ 43 B
322 B 37ms
36ms Image
image/gif 2a05:d018:d29:3602:aed6:5140:ccda:f0b0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:aed6:5140:ccda:f0b0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:39 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET

sync
sync.adap.tv/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D&_test=YYrKuwADTYMbFAAz
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=YYrKuwADTYMbFAAz&_test=YYrKuwADTYMbFAAz

0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame FD80 32 KB
10 KB 19ms
19ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1fa85f987b16ca14dd669bcd177e3b50deaef5e2a05ad97dfb152322ddf92604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:39 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:14 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45722
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Wed, 10 Nov 2021 08:05:41 GMT

GET
H/1.1 200
OK async_usersync Show response
secure.adnxs.com/ Frame 0B97 0
731 B 13ms
13ms Script
text/html 185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://secure.adnxs.com/async_usersync?cbfn=AN_async_load

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/ib/static/usersync/v3/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:39 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 727.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: d5792f5e-316a-45dc-8895-d8f6d65141c1
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 sync.html Show response
cdn.concert.io/lib/bids/ Frame 8090 5 KB
5 KB 47ms
8ms Document
text/html 199.232.196.124

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.concert.io/lib/bids/sync.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.124 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bfcdc5bb514538c16b96948274609c06a933ee0f19dd90e3086f887a7df0e79b

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

x-amz-id-2: CY8XCNP+agursnMWHmtIMraNJxiVi7jQWnNDabXLDEIgjfgtTsCRS4+2QsebtXjVv+2ocJc3m0A=
x-amz-request-id: BDV6QEVX5H2TH4ZQ
last-modified: Thu, 04 Nov 2021 13:20:48 GMT
etag: "2e249336f5d89d6f82c998cf8004a382"
cache-control: max-age=86400
content-type: text/html
server: AmazonS3
access-control-allow-origin: *
accept-ranges: bytes
date: Tue, 09 Nov 2021 19:23:41 GMT
via: 1.1 varnish
age: 18541
x-served-by: cache-fra19124-FRA
x-cache: HIT
x-cache-hits: 1
x-timer: S1636485821.332608,VS0,VE1
content-length: 4617

GET
H/1.1 200
OK check.html Show response
biddr.brealtime.com/ Frame BFC1 926 B
1 KB 62ms
18ms Document
text/html 104.17.119.107

General

Check archive.org

Show headers Download Go to

Full URL: https://biddr.brealtime.com/check.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.17.119.107 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 868a78df4f3d0a21f89c48ccc709df44d3875f5fb33e22bf51ca8b5c28be4202

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Date: Tue, 09 Nov 2021 19:23:41 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
x-amz-id-2: iThDOqIsDS8Lc8XERmO4THti/L0TNokZlU7KZ5ydViHoGsz8wSrXydQlClxKzw+8VZ9YuulUJ7s=
x-amz-request-id: 5S3T1K5V2G9VMX3D
Last-Modified: Tue, 08 Sep 2020 13:51:51 GMT
CF-Cache-Status: HIT
Age: 2753
Expires: Tue, 09 Nov 2021 19:24:41 GMT
Cache-Control: public, max-age=60
Expect-CT: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 6ab96abf5fc34e49-FRA
Content-Encoding: gzip

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame D55A 38 KB
14 KB 52ms
8ms Document
text/html 2.18.233.180

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=34978
expires: Wed, 10 Nov 2021 05:06:39 GMT
date: Tue, 09 Nov 2021 19:23:41 GMT
vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 29A8 281 B
554 B 8ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=undefined&us_privacy=1---
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Nov 2021 19:23:41 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&_origin=1&gdpr=1&gdpr_consent=

0
38 B

12ms
12ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&_origin=1&gdpr=1&gdpr_consent=

Requested by

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 29A8 32 KB
10 KB 9ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=undefined&us_privacy=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1fa85f987b16ca14dd669bcd177e3b50deaef5e2a05ad97dfb152322ddf92604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?gdpr=0&gdpr_consent=undefined&us_privacy=1---
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:41 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:14 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45720
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Wed, 10 Nov 2021 08:05:41 GMT

GET
H2 200 js.cookie.min.js Show response
cdn.jsdelivr.net/npm/js-cookie@2/src/ Frame 8090 2 KB
2 KB 57ms
29ms Script
application/javascript 2606:4700::6810:5514

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/js-cookie@2/src/js.cookie.min.js

Requested by

Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5514 -, , ASN (),

Reverse DNS

Software

cloudflare /

Resource Hash

39b8fe6364621725ff90431a34af0f87976d95c00cbfd1d0f3711a3f1fa1a07b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.concert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 2800
x-jsd-version: 2.2.1
x-cache: HIT
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
x-served-by: cache-fra19137-FRA
timing-allow-origin: *
x-jsd-version-type: version
server: cloudflare
etag: W/"79f-7pVBzxqV0qiF+LFDoQXKqgjKnJ0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
cf-ray: 6ab96abffe4fd72d-FRA

GET
H2 200 browserify-consent-string.js Show response
cdn.concert.io/lib/bids/ Frame 8090 38 KB
38 KB 7ms
6ms Script
application/javascript 199.232.196.124

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.concert.io/lib/bids/browserify-consent-string.js
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.196.124 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9d44c04da1087e1be35a57ee5c975dc715c1aa92c31fd0233b3f7cd7014f1dcb

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.concert.io/lib/bids/sync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
via: 1.1 varnish
age: 1710795
x-cache: HIT
content-length: 38796
x-amz-id-2: nUEoSewbTUTt09c/1Bc6plPBXF6tGou1iwMeqDcPqh0/urC/LmBXfGuih/iiwphMN127hFQGvaI=
x-served-by: cache-fra19124-FRA
last-modified: Wed, 20 Oct 2021 20:03:39 GMT
server: AmazonS3
x-timer: S1636485821.409856,VS0,VE0
etag: "c8cdc96a2fa10f85ee91bb03aee93132"
x-amz-request-id: 8108X6XS5R7DJK92
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
content-type: application/javascript
x-cache-hits: 174

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame D55A 3 KB
3 KB 18ms
17ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=50870799&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 98287c213f8d224800a28bfe3f0a239cb335d96863e5673b6fefa7724753e2fa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:39 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

match Show response
c1.adform.net/serving/cookie/ Frame 81E7
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&cid=43F2F596-E058-42AE-B71D-2E3544852ECC
https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=43F2F596-E058-42AE-B71D-2E3544852ECC

35 B
467 B

20ms
19ms

Document
image/gif

37.157.6.246

General

Check archive.org

Show headers Download Go to

Full URL

https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=43F2F596-E058-42AE-B71D-2E3544852ECC

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

37.157.6.246 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 09 Nov 2021 19:23:41 GMT
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

Redirect headers

server: nginx
date: Tue, 09 Nov 2021 19:23:41 GMT
content-length: 0
location: https://c1.adform.net/serving/cookie/match?CC=1&party=14&cid=43F2F596-E058-42AE-B71D-2E3544852ECC
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-credentials: true
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods: GET
access-control-allow-origin: *
access-control-max-age: 86400
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

Pug Show response
image2.pubmatic.com/AdServer/ Frame 3F5A
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7942859873251720687

42 B
211 B

19ms
18ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7942859873251720687
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 09 Nov 2021 19:23:41 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: lhrpug019:0:479
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7942859873251720687
content-length: 0
p3p: CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 998D 43 B
334 B 71ms
21ms Document
image/gif 178.250.2.151

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.151 -, , ASN (),
Reverse DNS
Software: Kestrel /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Tue, 09 Nov 2021 00:00:00 GMT
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 762721

GET
H2

200

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 23BC
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028653081576274070

42 B
520 B

62ms
12ms

Document
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028653081576274070
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/

Response headers

server: nginx
date: Tue, 09 Nov 2021 19:23:41 GMT
content-type: image/gif; charset=utf-8
content-length: 42
x-lat: amspug009:0:418
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Tue, 09 Nov 2021 19:23:41 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7028653081576274070

GET
H2

200

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D55A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=Q_L1luBYQq63HS41RIUuzA%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

14 KB
14 KB

14ms
12ms

Image
text/html

2.18.233.180

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
content-encoding: gzip
last-modified: Tue, 15 Jun 2021 06:08:03 GMT
server: Apache/2.2.15 (CentOS)
etag: "1300708-3945-5c4c7cc02bd56"
vary: Accept-Encoding
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: max-age=37058
accept-ranges: bytes
content-type: text/html; charset=UTF-8
content-length: 5054
expires: Wed, 10 Nov 2021 05:41:19 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D55A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ddce618a-cab6-4000-b5d7-fe9b3940e3ca

0
48 B

48ms
10ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ddce618a-cab6-4000-b5d7-fe9b3940e3ca
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 09 Nov 2021 19:23:41 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x5 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=ddce618a-cab6-4000-b5d7-fe9b3940e3ca
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 19:23:40 GMT

GET
H2

200

mw
mwzeom.zeotap.com/ Frame D55A
Redirect Chain

https://pixel.onaudience.com/?partner=214&mapped=43F2F596-E058-42AE-B71D-2E3544852ECC
https://sync.crwdcntrl.net/map/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D
https://pixel.onaudience.com/?partner=104&icm&cver&mapped=6f95ab493a2431ec8c6073b9b7b50837
https://spl.zeotap.com/?zdid=1332&zcluid=8da33a0eb68217c4
https://cm.g.doubleclick.net/pixel?google_nid=zeotap_ddp&google_cm&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=107e3132-8d53-4231-68c6-82110ab5b7a2&reqId=5a6f1581-c605-4199-78d3-e2990aebe457&zclui...
https://mwzeom.zeotap.com/mw?google_gid=CAESEHtPwbtfV7Z278ufsq5eNew&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=107e3132-8d53-4231-68c6-82110ab5b7a2&reqId=5a6f1581-c605-4199-78d3-e29...

95 B
164 B

39ms
25ms

Image
image/png

2606:4700:10::6816:1857

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?google_gid=CAESEHtPwbtfV7Z278ufsq5eNew&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=107e3132-8d53-4231-68c6-82110ab5b7a2&reqId=5a6f1581-c605-4199-78d3-e2990aebe457&zcluid=8da33a0eb68217c4&zdid=1332
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 2606:4700:10::6816:1857 -, , ASN (),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 6ab96ac4ad3c2c01-FRA
access-control-allow-headers: *
content-length: 95

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://mwzeom.zeotap.com/mw?google_gid=CAESEHtPwbtfV7Z278ufsq5eNew&google_cver=1&zpartnerid=1&env=mWeb&eventType=map&id_mid_4=107e3132-8d53-4231-68c6-82110ab5b7a2&reqId=5a6f1581-c605-4199-78d3-e2990aebe457&zcluid=8da33a0eb68217c4&zdid=1332
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 469
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D55A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=NDNGMkY1OTYtRTA1OC00MkFFLUI3MUQtMkUzNTQ0ODUyRUND&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

42 B
110 B

18ms
17ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug009:0:406
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D55A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIlAPaYwAZeZSPkW3v-1Lko&google_cver=1

42 B
283 B

20ms
18ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIlAPaYwAZeZSPkW3v-1Lko&google_cver=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug003:0:729
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:41 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEIlAPaYwAZeZSPkW3v-1Lko&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 379
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pubmatic
um.simpli.fi/ Frame D55A 43 B
618 B 77ms
14ms Image
image/gif 169.50.137.182

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

169.50.137.182 -, , ASN (),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
x-content-type-options: nosniff
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubdomains; preload
access-control-allow-methods: GET, POST, OPTIONS
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache
access-control-allow-headers: DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 43
expires: Mon, 08 Nov 2021 19:23:41 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D55A
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ddce618a-cab6-4000-b5d7-fe9b3940e3ca&gdpr=0&gdpr_consent=

42 B
495 B

78ms
13ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ddce618a-cab6-4000-b5d7-fe9b3940e3ca&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:40 GMT
cache-control: no-store, no-cache, private
x-lat: amspug004:0:478
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date: Tue, 09 Nov 2021 19:23:41 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x9 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:ddce618a-cab6-4000-b5d7-fe9b3940e3ca&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 19:23:40 GMT

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D55A
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f

42 B
294 B

81ms
14ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:40 GMT
cache-control: no-store, no-cache, private
x-lat: amspug001:0:796
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:41 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H2

200

Pug
simage2.pubmatic.com/AdServer/ Frame D55A
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://c1.adform.net/serving/cookie/match?CC=1&party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5179053400064230000

42 B
389 B

14ms
14ms

Image
image/gif

185.64.189.110

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5179053400064230000
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.189.110 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 18:51:54 GMT
cache-control: no-store, no-cache, private
x-lat: amspug0022:0:407
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:41 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=5179053400064230000
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame D55A
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132108011176313798&gdpr=0&gdpr_consent=

42 B
388 B

19ms
19ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132108011176313798&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
cache-control: no-store, no-cache, private
x-lat: lhrpug016:0:433
server: nginx
content-type: image/gif; charset=utf-8
content-length: 42
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:41 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: b2190371-7e3f-4f2f-bb13-f25a25f359f4
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=3132108011176313798&gdpr=0&gdpr_consent=
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET p-5aWVS_roA1dVM.gif
pixel.quantserve.com/pixel/ Frame D55A 0
0

GET
H2

200

SPug
image4.pubmatic.com/AdServer/ Frame D55A
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=43F2F596-E058-42AE-B71D-2E3544852ECC&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ckHdRzpE2uVORRaNL2pzqIBR5iRFBbc-~A&gdpr=0&gdpr_consent=

0
260 B

49ms
9ms

Image
text/plain

198.47.127.20

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ckHdRzpE2uVORRaNL2pzqIBR5iRFBbc-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:40 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-ckHdRzpE2uVORRaNL2pzqIBR5iRFBbc-~A&gdpr=0&gdpr_consent=
date: Tue, 09 Nov 2021 19:23:41 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 _pdfps Show response
d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/ Frame 8090 0
134 B 60ms
15ms XHR
text/plain 34.107.222.173

General

Check archive.org

Show headers Download Go to

Full URL: https://d2fb08da-1c03-4c8a-978f-ad8a96b4c31f.partner.permutive.app/sync/_pdfps
Requested by: Host: cdn.concert.io
URL: https://cdn.concert.io/lib/bids/sync.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.107.222.173 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.concert.io/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:41 GMT
via: 1.1 google
server: nginx
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://cdn.concert.io
access-control-allow-credentials: true
alt-svc: clear
content-length: 0

GET
H2 200 iframe Show response
sync.teads.tv/ Frame C30E 153 B
314 B 108ms
35ms Document
text/html 104.111.242.245

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.teads.tv/iframe?gdprIab=%7B%22status%22%3A0%7D
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 -, , ASN (),
Reverse DNS
Software: akka-http/10.2.6 /
Resource Hash: 716a727e47216ad28191f60fb09d59015b1bcb3df8cc32b5bb94f73d534a5732

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

content-type: text/html; charset=UTF-8
server: akka-http/10.2.6
content-length: 153
expires: Tue, 09 Nov 2021 19:23:42 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT

GET
H2

200

sync Show response
eb2.3lift.com/ Frame C129
Redirect Chain

https://eb2.3lift.com/sync?us_privacy=1---
https://eb2.3lift.com/sync?us_privacy=1---&ld=1

1 KB
1 KB

8ms
7ms

Document
text/html

13.248.245.213

General

Check archive.org

Show headers Download Go to

Full URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b76e60dc2854bdd0cd779f291820b40cc5bd562e23f358a17da242302bd834a

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
content-type: text/html; charset=utf-8
content-length: 463
content-encoding: gzip
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cache-control: no-cache, no-store, must-revalidate

Redirect headers

date: Tue, 09 Nov 2021 19:23:42 GMT
content-length: 0
location: /sync?us_privacy=1---&ld=1
cache-control: no-cache, no-store, must-revalidate
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 usersync.html Show response
cdn.undertone.com/js/ Frame 3C62 9 KB
3 KB 80ms
8ms Document
text/html 2600:9000:2156:cc00:1f:2473:9080:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2156:cc00:1f:2473:9080:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 2fe69124b7da8ef9870f67e0a05a6b7f17d76aa76b20121580a703df696ce40e

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

content-type: text/html
x-amz-replication-status: COMPLETED
last-modified: Wed, 06 Oct 2021 14:57:28 GMT
x-amz-version-id: ZYVaSYMkko8_M0fa4kKdlwZQWzXnHpnx
server: AmazonS3
content-encoding: gzip
date: Tue, 09 Nov 2021 18:59:24 GMT
etag: W/"fd97e71746377abcf665b323d9eb670c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 9c7c26f5beeb09381cea450ea3581b37.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: mnJ3NpaD5ogMjghd7CtVBJQLvCrTiwQ5HjMKQ35CGgOBbvfysIWcNg==
age: 1461

GET
H/1.1 204 sync_iframe
sync.bfmio.com/ Frame 5BD7 0
0 467ms
101ms Document
text/plain 3.225.180.98

General

Check archive.org

Show headers Download Go to

Full URL: https://sync.bfmio.com/sync_iframe?ifg=1&id=&gdpr=0&gc=&gce=1&us_privacy=1---
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.225.180.98 -, , ASN (),
Reverse DNS
Software: /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Date: Tue, 09 Nov 2021 19:23:42 GMT
Connection: keep-alive

GET
H2 200 showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 7729 38 KB
14 KB 15ms
14ms Document
text/html 2.18.233.180

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 -, , ASN (),
Reverse DNS
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e2cdec10db9a0a224e9f5e49b6f004c5426564fb8d857ad3df480e9c916bafe6

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

last-modified: Tue, 19 Oct 2021 10:00:01 GMT
etag: "1302647-96ae-5ceb1b98ba7c4"
server: Apache/2.2.15 (CentOS)
accept-ranges: bytes
content-encoding: gzip
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 13882
content-type: text/html; charset=UTF-8
cache-control: public, max-age=34977
expires: Wed, 10 Nov 2021 05:06:39 GMT
date: Tue, 09 Nov 2021 19:23:42 GMT
vary: Accept-Encoding

GET
H2 200 generic
match.adsrvr.org/track/cmf/ Frame C129 70 B
264 B 32ms
31ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/generic?ttd_pid=svx9t50&ttd_tpi=1&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

200

xuid
eb2.3lift.com/ Frame C129
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&google_cm&google_sc&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFokpXhMI4HcoptgpEzJUN4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1

37 B
352 B

13ms
12ms

Image
image/gif

13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFokpXhMI4HcoptgpEzJUN4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: H2
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://eb2.3lift.com/xuid?mid=5989&xuid=CAESEFokpXhMI4HcoptgpEzJUN4&dongle=c627&gdpr=1&gdpr_consent=&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 332
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame C129
Redirect Chain

https://eb2.3lift.com/sync/google/demand?sync=1&gdpr=1&gdpr_consent=
https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzg0MTczNDkyMTMxMjI0NjA5Mw%3D%3D

170 B
188 B

24ms
23ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzg0MTczNDkyMTMxMjI0NjA5Mw%3D%3D

Requested by

Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=triplelift&gdpr=1&gdpr_consent=&us_privacy=&google_hm=Nzg0MTczNDkyMTMxMjI0NjA5Mw%3D%3D
date: Tue, 09 Nov 2021 19:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2 200 setuid
px.ads.linkedin.com/ Frame C129 0
595 B 536ms
202ms Image
text/plain 2620:119:50e1:101::6cae:b25

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/setuid?partner=tripleliftdbredirect&tlUid=7841734921312246093&dbredirect=true&gdpr=1&consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 -, , ASN (),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:43 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-proto: http/2
x-li-pop: prod-esv5
content-length: 0
x-li-uuid: ymcFkC/3tRYA95kDmSsAAA==

GET
H2

200

xuid
eb2.3lift.com/ Frame C129
Redirect Chain

https://pr-bh.ybp.yahoo.com/sync/triplelift/7841734921312246093?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2662&xuid=y-63uJ83ZE2oTYYU20gGI.HatTH2A0I35GS9R0sbOZfw--~A&dongle=0883

37 B
352 B

10ms
10ms

Image
image/gif

13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2662&xuid=y-63uJ83ZE2oTYYU20gGI.HatTH2A0I35GS9R0sbOZfw--~A&dongle=0883
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: H2
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

date: Tue, 09 Nov 2021 19:23:42 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://eb2.3lift.com/xuid?mid=2662&xuid=y-63uJ83ZE2oTYYU20gGI.HatTH2A0I35GS9R0sbOZfw--~A&dongle=0883
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H/1.1 200
OK sync
x.bidswitch.net/ Frame C129 43 B
220 B 17ms
14ms Image
image/gif 18.196.162.123
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=triplelift&user_id=7841734921312246093&gdpr=1&gdpr_consent=
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.196.162.123 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-196-162-123.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:42 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H2 200 c.gif
c.bing.com/ Frame C129 42 B
592 B 79ms
32ms Image
image/gif 2620:1ec:c11::200

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.bing.com/c.gif?xid=7841734921312246093&Red3=TLMS_pd
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT
etag: "f95a3e4769d2d71:0"
last-modified: Fri, 05 Nov 2021 17:19:23 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: C7E9AD1303E54DF191110B61D19C812F Ref B: FRAEDGE1521 Ref C: 2021-11-09T19:23:42Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

GET
H/1.1

200
OK

iu3
s.amazon-adsystem.com/ Frame C129
Redirect Chain

https://s.amazon-adsystem.com/x/757c0557066e95cfd4c7?gdpr=1&gdpr_consent=&uid=7841734921312246093
https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7841734921312246093&dcc=t

0
0

101ms
100ms

Image
text/html

52.46.154.242

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7841734921312246093&dcc=t
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: HTTP/1.1
Server: 52.46.154.242 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:43 GMT
Vary: Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server: Server
x-amz-rid: W6KBYZAKG5YYV7QKQT9Q
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iu3?cm3ppd=1&d=dtb-pub&dl=3lift&gdpr=1&gdpr_consent=&uid=7841734921312246093&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy: interest-cohort=()
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

xuid
eb2.3lift.com/ Frame C129
Redirect Chain

https://b1sync.zemanta.com/usersync/triplelift?gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1

37 B
139 B

8ms
8ms

Image
image/gif

13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: H2
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:43 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 37
content-type: image/gif

Redirect headers

Location: https://eb2.3lift.com/xuid?mid=2460&dongle=dba8&xuid=&gdpr=1
Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:43 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 95
Content-Type: text/html; charset=utf-8

GET
H2

200

xuid
eb2.3lift.com/ Frame C129
Redirect Chain

https://ad.turn.com/r/cs?pid=49&gdpr=1&gdpr_consent=
https://eb2.3lift.com/xuid?mid=4771&xuid=6926514267882230545&dongle=d407

37 B
352 B

9ms
9ms

Image
image/gif

13.248.245.213

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eb2.3lift.com/xuid?mid=4771&xuid=6926514267882230545&dongle=d407
Requested by: Host: eb2.3lift.com
URL: https://eb2.3lift.com/sync?us_privacy=1---&ld=1
Protocol: H2
Server: 13.248.245.213 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eb2.3lift.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 37
p3p: policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location: https://eb2.3lift.com/xuid?mid=4771&xuid=6926514267882230545&dongle=d407
pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame DD9F
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=12776
https://eus.rubiconproject.com/usync.html?p=12776

281 B
554 B

9ms
8ms

Document
text/html

23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Nov 2021 19:23:42 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=12776
Date: Tue, 09 Nov 2021 19:23:42 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3C62
Redirect Chain

https://ib.adnxs.com/getuidnb?https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=$UID
https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=3132108011176313798

0
154 B

432ms
101ms

Image
text/plain

52.44.76.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=3132108011176313798
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Server: 52.44.76.16 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:43 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Pragma: no-cache
Date: Tue, 09 Nov 2021 19:23:43 GMT
X-Proxy-Origin: 91.199.118.73; 91.199.118.73; 731.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: dba94ff2-2974-4269-b9ff-71226cc57b53
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://usr.undertone.com/userPixel/sync?partner=appnexus&uid=3132108011176313798
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3C62
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=fba3d144-1026-4d31-a758-943b9545e305&r=https://usr.undertone.com/userPixel/sync?partnerId=39&uid=
https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2ec14013-9831-46e2-96fb-a43a80640836

0
308 B

444ms
93ms

Image
text/plain

52.44.76.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2ec14013-9831-46e2-96fb-a43a80640836
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Server: 52.44.76.16 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:43 GMT
x-envoy-upstream-service-time: 1
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

date: Tue, 09 Nov 2021 19:23:42 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://usr.undertone.com/userPixel/sync?partnerId=39&uid=2ec14013-9831-46e2-96fb-a43a80640836
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
via: 1.1 google

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3C62
Redirect Chain

https://pixel.advertising.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true
https://ups.analytics.yahoo.com/ups/58293/sync?&gdpr=&gdpr_consent=&redir=true&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0
https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-StZ7IcVE2uGSfvxsYjJO_GG6uDzq7eJg~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0

0
154 B

439ms
93ms

Image
text/plain

52.44.76.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-StZ7IcVE2uGSfvxsYjJO_GG6uDzq7eJg~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Server: 52.44.76.16 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

location: https://usr.undertone.com/userPixel/sync?partner=verizon&uid=y-StZ7IcVE2uGSfvxsYjJO_GG6uDzq7eJg~A~UP88117a69-4192-11ec-b7a8-065546d5d9c0
date: Tue, 09 Nov 2021 19:23:43 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3C62
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=sirnsvg&ttd_tpi=1&gdpr=0&gdpr_consent=
https://usr.undertone.com/userPixel/sync?partner=ttd&uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&ttl=1639077822

0
154 B

444ms
93ms

Image
text/plain

52.44.76.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&ttl=1639077822
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Server: 52.44.76.16 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://usr.undertone.com/userPixel/sync?partner=ttd&uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&ttl=1639077822
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 247

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame 3C62 0
239 B 11ms
10ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3C62
Redirect Chain

https://cs.admanmedia.com/sync/undertone?url=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3Fpartner%3Dacuityads%26uid%3D%24UID
https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=7a6a91335eaacbe18ba04a730019238c096cf569

0
154 B

298ms
91ms

Image
text/plain

52.44.76.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=7a6a91335eaacbe18ba04a730019238c096cf569
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Server: 52.44.76.16 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

Location: https://usr.undertone.com/userPixel/sync?partner=acuityads&uid=7a6a91335eaacbe18ba04a730019238c096cf569
Date: Tue, 09 Nov 2021 19:23:43 GMT
Transfer-Encoding: chunked
Server: nginx
Connection: keep-alive
X-Frame-Options: DENY
Strict-Transport-Security: max-age=63072000; includeSubdomains; preload

GET
H2

200

43F2F596-E058-42AE-B71D-2E3544852ECC
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 3C62
Redirect Chain

https://image8.pubmatic.com/AdServer/ImgSync?p=160318&gdpr=&gdpr_consent=&pu=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3Fp%3D160318%26pmc%3DPM_PMC%26pr%3Dhttps%253A%252F%252Fusr.undertone...
https://pr-bh.ybp.yahoo.com/sync/pubmatic/43F2F596-E058-42AE-B71D-2E3544852ECC?gdpr=0&gdpr_consent=

43 B
874 B

52ms
51ms

Image
image/gif

2a05:d018:d29:3602:aed6:5140:ccda:f0b0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/43F2F596-E058-42AE-B71D-2E3544852ECC?gdpr=0&gdpr_consent=

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---

Protocol

Server

2a05:d018:d29:3602:aed6:5140:ccda:f0b0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:43 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

Redirect headers

location: https://pr-bh.ybp.yahoo.com/sync/pubmatic/43F2F596-E058-42AE-B71D-2E3544852ECC?gdpr=0&gdpr_consent=
date: Tue, 09 Nov 2021 19:23:41 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 126
content-type: text/html; charset=utf-8

GET
H/1.1

200
OK

sync
usr.undertone.com/userPixel/ Frame 3C62
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=125&redir=https%3A%2F%2Fusr.undertone.com%2FuserPixel%2Fsync%3FpartnerId%3D55%26uid%3D%24UID/%257BuserId%257D
https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/no-consent

0
287 B

420ms
102ms

Image
text/plain

52.44.76.16

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/no-consent
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Server: 52.44.76.16 -, , ASN (),
Reverse DNS
Software: istio-envoy /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
x-envoy-upstream-service-time: 0
server: istio-envoy
Connection: keep-alive
Content-Length: 0

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:42 GMT
server: AC1.1
p3p: CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
location: https://usr.undertone.com/userPixel/sync?partnerId=55&uid=$UID/no-consent
cache-control: max-age=0,no-cache,no-store
content-length: 0
expires: Tue, 11 Oct 1977 12:34:56 GMT

GET
H2 204 t.gif
cw.addthis.com/ Frame 3C62 0
425 B 221ms
128ms Image
text/plain 104.75.88.126

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cw.addthis.com/t.gif?pid=46&pdid=a70138d9421c4b6498157e9b16f86c0d
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.75.88.126 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:43 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 09 Nov 2021 19:23:43 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 3C62
Redirect Chain

https://dpm.demdex.net/ibs:dpid=152416&dpuuid=9vxnx62jcpeygwyhkqhp05edp
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=9vxnx62jcpeygwyhkqhp05edp

42 B
943 B

33ms
33ms

Image
image/gif

34.247.192.108

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=9vxnx62jcpeygwyhkqhp05edp

Requested by

Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---

Protocol

HTTP/1.1

Server

34.247.192.108 -, , ASN (),

Reverse DNS

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v019-0a22ddc4b.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: sZkQxzRISZw=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v019-09dc5e9e5.edge-irl1.demdex.com UNKNOWN
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: HKklrGm5Q7o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=152416&dpuuid=9vxnx62jcpeygwyhkqhp05edp
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H/1.1 200
OK 15597
tags.bluekai.com/site/ Frame 3C62 62 B
595 B 244ms
150ms Image
image/gif 104.111.215.191

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/15597?id=9vxnx62jcpeygwyhkqhp05edp
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.215.191 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:43 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
Content-Type: image/gif

GET
H2 451 403716.gif
idsync.rlcdn.com/ Frame 3C62 0
66 B 87ms
17ms Image
text/plain 35.244.174.68

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/403716.gif?partner_uid=9vxnx62jcpeygwyhkqhp05edp
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:43 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 3C62 0
338 B 138ms
31ms Image
text/plain 34.255.77.76

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=undertone&partner_uid=9vxnx62jcpeygwyhkqhp05edp
Requested by: Host: cdn.undertone.com
URL: https://cdn.undertone.com/js/usersync.html?gdpr=0&gdprstr=&ccpa=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.255.77.76 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.undertone.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:43 GMT
cache-control: private, no-cache, no-store
x-request-time: D=26 t=1636485823
x-served-by: beacon-n007-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame DD9F 32 KB
10 KB 26ms
25ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=12776
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1fa85f987b16ca14dd669bcd177e3b50deaef5e2a05ad97dfb152322ddf92604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html?p=12776
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:43 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:14 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45718
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Wed, 10 Nov 2021 08:05:41 GMT

GET
H2 200 SPug Show response
simage4.pubmatic.com/AdServer/ Frame D55A 0
128 B 43ms
12ms Script
text/plain 198.47.127.20

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=109126&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 198.47.127.20 -, , ASN (),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:42 GMT
cache-control: no-store, no-cache, private
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H/1.1 204
No Content sync.php
pixel.rubiconproject.com/exchange/ Frame DD9F 0
239 B 9ms
8ms Image
image/gif 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/exchange/sync.php?p=12776&us_privacy=1---
Requested by: Host: www.salon.com
URL: https://www.salon.com/2016/12/10/pizzagate-explained-everything-you-want-to-know-about-the-comet-ping-pong-pizzeria-conspiracy-theory-but-are-too-afraid-to-search-for-on-reddit/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 6f9fd0201ed801884e5299d5aabca094
Content-Type: image/gif

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 4401 281 B
554 B 15ms
15ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Nov 2021 19:23:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK usync.html Show response
eus.rubiconproject.com/ Frame 31CB 281 B
554 B 24ms
8ms Document
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 26 Oct 2021 17:01:05 GMT
ETag: "40334-119-5cf446c48f640"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Tue, 09 Nov 2021 19:23:44 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2

204

sync
ups.analytics.yahoo.com/ups/57304/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adaptv_dbm&google_cm&google_sc
https://pixel.advertising.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1
https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0

0
643 B

10ms
10ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0

Requested by

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:44 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/57304/sync?uid=CAESEFXXz4JC4RCxwLqTof1mRiU&google_cver=1&apid=UP88117a69-4192-11ec-b7a8-065546d5d9c0
date: Tue, 09 Nov 2021 19:23:44 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 %7Bcombo_uid%7D
pr-bh.ybp.yahoo.com/sync/adaptv_ortb/ 43 B
322 B 33ms
33ms Image
image/gif 2a05:d018:d29:3602:aed6:5140:ccda:f0b0
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/adaptv_ortb/%7Bcombo_uid%7D

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a05:d018:d29:3602:aed6:5140:ccda:f0b0 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:44 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff

GET

sync
sync.adap.tv/
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/m7y5t93k?redir=https%3A%2F%2Fsync.adap.tv%2Fsync%3Ftype%3Dgif%26key%3Dtubemogul%26uid%3D%24%7BUSER_ID%7D
https://sync.adap.tv/sync?type=gif&key=tubemogul&uid=YYrKvQADUchvnQAz

0
0

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 4401 32 KB
10 KB 30ms
29ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: eb899a62a03e60d3962035908d2262027f02ae3f1de253f61b17db2b9f5285e9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:19 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=41017
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9513
Expires: Wed, 10 Nov 2021 06:47:21 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 31CB 32 KB
10 KB 8ms
8ms Script
text/html 23.37.42.132
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.37.42.132 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-42-132.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 1fa85f987b16ca14dd669bcd177e3b50deaef5e2a05ad97dfb152322ddf92604

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://eus.rubiconproject.com/usync.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Tue, 09 Nov 2021 19:23:44 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Nov 2021 21:03:14 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=45717
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9510
Expires: Wed, 10 Nov 2021 08:05:41 GMT

POST
H2 200 metrics
connect-metrics-collector.s-onetag.com/ 0
73 B 83ms
23ms Ping
text/plain 99.83.181.31

General

Check archive.org

Show headers Download Go to

Full URL: https://connect-metrics-collector.s-onetag.com/metrics
Requested by: Host: get.s-onetag.com
URL: https://get.s-onetag.com/8bd3d5a0-8adc-4bdc-b823-dc1c8689c243/tag.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:45 GMT
content-length: 0
vary: Origin

POST
H2 200 metrics
signal-metrics-collector-beta.s-onetag.com/ 0
72 B 36ms
23ms Ping
text/plain 99.83.181.31

General

Check archive.org

Show headers Download Go to

Full URL: https://signal-metrics-collector-beta.s-onetag.com/metrics
Requested by: Host: signal-beacon.s-onetag.com
URL: https://signal-beacon.s-onetag.com/beacon.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.83.181.31 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.salon.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: *
date: Tue, 09 Nov 2021 19:23:45 GMT
content-length: 0
vary: Origin

GET
H3 200 pd Show response
u.openx.net/w/1.0/ Frame 7CB3 668 B
439 B 42ms
41ms Document
text/html 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=&us_privacy=1---
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 6ef74c12f662031eb7f0bbca673f5a6bc15d12e91cf885e1fbed5c9654183c98

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

vary: Accept, Accept-Encoding
server: OXGW/16.218.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Tue, 09 Nov 2021 19:23:45 GMT
content-type: text/html
content-length: 420
content-encoding: gzip
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000

GET
H2

200

v2 Show response
de.tynt.com/deb/ Frame 2F96
Redirect Chain

https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---&b=1

75 B
289 B

117ms
116ms

Document
text/html

208.100.17.181

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

cache-control: max-age=86400
expires: Wed, 10 Nov 2021 19:23:46 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 09 Nov 2021 19:23:45 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---&b=1
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-length: 0
date: Tue, 09 Nov 2021 19:23:45 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H/1.1 204
No Content beacon
ap.lijit.com/ Frame 35C7 0
0 17ms
17ms Document
text/plain 216.52.2.19
AS-INAPCDN-OCY

General

Check archive.org

Show headers Download Go to

Full URL: https://ap.lijit.com/beacon?informer=13412165&us_privacy=1---
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 216.52.2.19 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software: nginx / raptor
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

Server: nginx
Date: Tue, 09 Nov 2021 19:23:45 GMT
Cache-Control: private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
Pragma: no-cache
Expires: Fri, 20 Mar 2009 00:00:00 GMT
P3P: CP="CUR ADM OUR NOR STA NID"
X-Powered-By: raptor
X-Sovrn-Pod: ad_ap4ams1

GET
H2

200

v2 Show response
de.tynt.com/deb/ Frame 831A
Redirect Chain

https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---
https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---&b=1

75 B
289 B

117ms
116ms

Document
text/html

208.100.17.181

General

Check archive.org

Show headers Download Go to

Full URL: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---&b=1
Requested by: Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/properio/op.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 208.100.17.181 -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e170d20dbbd5a22f50118e25fa2eefb1e85d2ad780e5477ed3a9643186090442

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/

Response headers

cache-control: max-age=86400
expires: Wed, 10 Nov 2021 19:23:46 GMT
referrer-policy: unsafe-url
content-type: text/html
content-length: 75
date: Tue, 09 Nov 2021 19:23:45 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

Redirect headers

location: https://de.tynt.com/deb/v2?m=xch&rt=html&id=cQ6c26w1ur65qZaKjGFx_2&gdpr_consent=undefined&us_privacy=1---&b=1
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, false
expires: Sat, 26 Jul 1997 05:00:00 GMT
referrer-policy: unsafe-url
content-length: 0
date: Tue, 09 Nov 2021 19:23:45 GMT
p3p: CP="NOI DSP COR NID PSA PSD OUR IND UNI COM NAV INT DEM STA"

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55953/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=adaptv&ttd_tpi=1
https://ups.analytics.yahoo.com/ups/55953/sync?uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&_origin=1&gdpr=1&gdpr_consent=

0
38 B

13ms
13ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55953/sync?uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&_origin=1&gdpr=1&gdpr_consent=

Requested by

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.salon.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:45 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:45 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://ups.analytics.yahoo.com/ups/55953/sync?uid=b0de8408-cf81-4dcb-9b83-d9cb75eb4c7f&_origin=1&gdpr=1&gdpr_consent=
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 267

GET
H2 200 PugMaster Show response
image6.pubmatic.com/AdServer/ Frame 7729 2 KB
3 KB 19ms
18ms Script
text/html 185.64.190.78
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=55971103&p=109126&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 2566179b3531758cd75d6ff0fca743278fb9ba6bf11c8bfdda94042343fa572d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 09 Nov 2021 19:23:45 GMT
content-type: text/html; charset=UTF-8
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7CB3
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ddce618a-cab6-4000-b5d7-fe9b3940e3ca

43 B
114 B

29ms
16ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ddce618a-cab6-4000-b5d7-fe9b3940e3ca
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:45 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Tue, 09 Nov 2021 19:23:45 GMT
Server: MT3 4067 88cc6bf master zrh-pixel-x11 config:1.0.0
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ddce618a-cab6-4000-b5d7-fe9b3940e3ca
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Tue, 09 Nov 2021 19:23:44 GMT

GET p-25CIknq_eSg16.gif
pixel.quantserve.com/pixel/ Frame 7CB3 0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 7CB3
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5179053400064230000

43 B
106 B

32ms
19ms

Image
image/gif

34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5179053400064230000
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:45 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:45 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=5179053400064230000
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 7CB3 70 B
264 B 41ms
38ms Image
image/gif 15.197.193.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=65ac2734-989e-7a81-fc7e-bbfd77c82864&gdpr=1
Requested by: Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 15.197.193.217 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: a12b7a488abeaa9e4.awsglobalaccelerator.com
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 09 Nov 2021 19:23:45 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H3 200 pixel
cm.g.doubleclick.net/ Frame 7CB3 170 B
188 B 28ms
27ms Image
image/png 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDljM2Y0ZmUtNTFlOS0yNDI1LWU5OWUtZTE0NGJkMmFlNjA0

Requested by

Host: u.openx.net
URL: https://u.openx.net/w/1.0/pd?gdpr=1&gdpr_consent=&us_privacy=1---

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS